It is important that schools and MATs assess EdTech supplier compliance (existing or new) properly to ensure you are able to meet UK GDPR requirements.

The introduction of the Data (Use and Access) Act brings an important new requirement for all education settings: by 19 June 2026, every school and trust must have a clear, accessible, and effective data protection complaints process in place. This...

Discover how you can build cyber response playbooks for team-wide readiness and resilience. As digital systems become more interconnected across a Trust, a cyber incident in one school can rapidly affect others, making a coordinated, MAT-wide...

Wrap up cyber safety before you wrap up for Christmas

The Christmas holidays are a time for joy and rest - but for cybercriminals, it’s business as usual. With schools closed and systems unattended, the festive season can be a prime opportunity for...

Schools and Multi-Academy Trusts (MATs) handle vast amounts of sensitive data every day, from student records to staff information. In line with UK GDPR requirements, this data must be protected with robust technical and organisational measures. ...

In a landmark decision, the Information Commissioner’s Office (ICO) has fined Capita plc and Capita Pension Solutions Limited (CPSL) a combined £14 million for serious data protection failures, a stark reminder that even the biggest players can fall...

The Information Commissioner’s Office (ICO), as highlighted in a recent BBC feature, has issued a strong advisory to the education sector: incidents of students hacking into their own school and college IT systems are on the rise; sometimes as part...

Nowadays, schools and MATs face the dual challenge of protecting sensitive data and safeguarding against cyber threats. The relationship between data protection and cyber security is akin to two sides of the same coin, each essential in creating a...

As data protection regulations evolve and scrutiny from external auditors grows, MAT leaders face increasing pressure to demonstrate robust compliance. Waiting for an external audit to uncover gaps can be risky. By conducting an internal data...