

Spam and Phishing: how to protect your school
Did you know that nearly half of all emails sent globally are spam? And that 75% of cyberattacks in schools are carried out via phishing? These numbers are a wake-up call for the education sector. Spam and phishing attacks are not just an...


Data Protection & Technology in Schools
The integration of technology in schools has revolutionised education by enhancing learning experiences, facilitating access to a wealth of information, and enabling innovative teaching methods. However, this technological advancement has also...


The Children & AI Design Code
Practical Guidance for Schools and Teaching Staff
Developed by the 5Rights Foundation, The Children & AI Design Code sets out a process to identify, evaluate, and mitigate the known risks of AI to children and prepare for the known unknowns. It...


Navigating data management when a service provider withdraws
Things are always changing in the EdTech landscape, schools and Multi-Academy Trusts (MATs) often rely on various service providers for essential operations, from payment systems like sQuid Payments to compliance tools such as GDPR.co.uk. However,...


How to: Conduct a data audit
Conducting a data audit is the first step to understanding your data landscape, ensure compliance with regulations like GDPR, and identifying risks related to data protection. Many schools and MATs use external auditors however if you prefer to do...


Virtual School Heads: sharing vulnerable children's data
Balancing privacy and protection. Sharing student data is an essential responsibility for schools, especially for vulnerable children who face challenges requiring additional support. Whether it’s for safeguarding, accessing services, or maintaining...


Should AI note-takers be used in schools?
Understanding the risks and compliance considerations. AI is revolutionising the workplace by enhancing operations and boosting efficiency. A notable trend is the adoption of AI-driven note-taking tools like Otter.ai and Microsoft Copilot, which...


How to: consider harms resulting from data processing
Risks result from adverse effects of data processing and data breaches. What adverse effects do we need to consider? In doing Data Protection Impact Assessments (DPIAs), we are considering risks that result from possible harms to data subjects....


Supplier data breaches: your responsibilities as data controller
Under GDPR your suppliers (data processors or joint data controllers) are obliged to tell you "without undue delay" about a data breach they have suffered that has affected data that you are the controller for. For the avoidance of doubt, your...
Loading
End of content
No more pages to load