We're sharing some small snippets over Christmas to share with staff.  Please feel free to share the link to this short news article or follow us over on our social media channels where we share additional help and advice - we'd love to see you there!

The ICO has published some updated guidance for people and organisations who work in the education sector with children and young people under 18.  The idea of the guidance is to help organisations feel confident to share personal information for safeguarding purposes.

We often see a rise in the number of Subject Access Requests received by schools at the end of term or at the end of the academic year.  This article, therefore, covers guidance and support around subject access requests, how to recognise them and how to respond.

Given the Public Sector Fraud Authority estimates that every year between £39.9 billion and £58.5 billion of taxpayer's money is subject to fraud and error, it's no wonder the UK Government has published some guidance about fraud awareness.

With the recent Data Use and Access Act, organisations must now be more precise than ever about how they handle data rights concerns; the complaints process for data rights is clarified and formalised. This article discusses best practice around which complaints process to use when you receive a complaint.

Parents of a school in Birmingham are concerned that a school has accidentally shared a spreadsheet which contained student names for children in Year 7 to Year 11 and parental contact details.

We've updated and added some new policies, including the Data Protection Policy, Model Redaction Guidelines, Data Rights Complaints Process, Freedom of Information Policy, SAR Procedure Template, SAR Response Template, Subject Access Request Clarification Template.  This article shows an amendments made to the documents.

The latest release of the "Keeping Children Safe in Education" guidance brings important updates for schools and colleges, including points relating to the rapidly evolving digital landscape.  Most of the changes in this year's guidance are technical.

The recent data breach involving Online SCR, an online provider of single central record (SCR) services, has put the personal data of education staff at risk.  The breach was a result of a cyber attack on a subcontractor.

As schools begin to welcome back students, staff and new joiners, the focus is on the new academic year: curriculum planning, safeguarding and operational logistics.  An equally critical and statutory area that demands attention is data protection and cyber security compliance.  Adhering to data protection law isn't just about avoiding fines; it's about protecting sensitive personal data of children, their families and staff.

The ICO Accountability Framework is a crucial tool for any organisation handling personal data, providing a structured approach to data protection compliance. When applied to the Department for Education (DfE) Digital Standards, it becomes a powerful mechanism for schools and trusts to ensure their technology and data practices are not only efficient but also legally compliant and secure.

The sight of a ransacked classroom is unsettling, especially for a junior school community. A break-in is not just about the cost of a new window or a replacement laptop; it is also about the potential loss of sensitive data.  Greenfields Junior School, in Green Lane, was broken into during the summer holidays.