GDPR in Schools

As we celebrate UK Safer Internet Day on 11 February 2025, let’s take a moment to reflect on this year’s theme of "Too Good to Be True? Protecting yourself and others from scams online" highlighting the importance of being cautious and vigilant in...

Under UK GDPR, and as Controller, you must have a lawful basis for processing personal data (and remember that anything you do with personal data – including storing it or deleting it – counts as processing). UK GDPR won’t make processing lawful...

Data breaches, Cyber Security incidents, Subject Access Requests (SARs), and Freedom of Information (FOI) requests can often lead to a variety of complaints that require meticulous and thoughtful handling. These situations, while challenging,...

Did you know that nearly half of all emails sent globally are spam? And that 75% of cyberattacks in schools are carried out via phishing? These numbers are a wake-up call for the education sector. Spam and phishing attacks are not just an...

Data privacy is a growing concern and schools play a critical role in safeguarding the personal information of their students, staff, and parents. As schools become more data-driven, maintaining transparency and accountability regarding how personal...

SARs (Subject Access Requests) can be challenging for schools to manage, especially given the vast amount of personal data schools handle. Here's a comprehensive guide to handling SARs more effectively while maintaining compliance with data...

In today's digital landscape, cybersecurity incidents and associated data breaches are no longer a matter of "if" but "when." A robust incident log is one of the most valuable tools in an organisation's security arsenal. Here's why:

In today's schools, effective information sharing stands as a cornerstone of child protection and safeguarding. The 2024 Keeping Children Safe in Education (KCSIE) guidance emphasises that sharing information is crucial not only in identifying and...

In today's digital landscape, schools face increasing challenges in protecting sensitive information and ensuring the safety of both staff and students. The 2024 update to the Keeping Children Safe in Education (KCSIE) guidance emphasises the...

Our increasing reliance on technology for education, administration, and communication comes with significant cyber security risks. One of the most pressing concerns facing education organisations is the theft of credentials - login information that...