Clear, Repeatable, DPIA Workflows for MAT leaders
A consistent, well‑governed DPIA workflow is essential for MATs managing multiple schools.
Vetting EdTech Supplier Compliance for GDPR
It is important that schools and MATs assess EdTech supplier compliance (existing or new) properly to ensure you are able to meet UK GDPR requirements.
Should AI note-takers be used in schools?
Understanding the risks and compliance considerations. AI is revolutionising the workplace by enhancing operations and boosting efficiency. A notable trend is the adoption of AI-driven note-taking tools like Otter.ai and Microsoft Copilot, which...
The importance of RoPA when responding to SARs
Data privacy is a growing concern and schools play a critical role in safeguarding the personal information of their students, staff, and parents. As schools become more data-driven, maintaining transparency and accountability regarding how personal...
RoPA is good for your compliance!
Being subject to the UK GDPR, all organisations have a legal obligation to maintain an up-to-date and meaningful Records of our Processing Activities (RoPA).
What is a DPIA and why is it important?
A key thing about the GDPR is its focus on Privacy by Design (accountability) - Article 35(1) of the GDPR mandates that you carry out a Data Protection Impact Assessment (DPIA) where a type of processing is likely to result in a high risk to the...
EdTech Suppliers: are we a controller or processor?
As EdTech suppliers, it is crucial for us to determine whether we fall under the category of data processor or data controller. This distinction holds great importance for schools as they need to understand the responsibilities and liabilities...
Starting a new processing activity, the steps to getting it right!
Starting a new processing activity involves a number of actions, which you should complete to satisfy yourself that personal data and other information is treated with due respect and safeguards.
Loading
End of content
No more pages to load