DPO

The reason why having a DPO is so important to schools, is that a failure to protect personal data can not only lead to an individual being compromised but also reputational damage and huge financial implications. The local (and sometimes national) media often prey on schools who have experienced a breach, to make examples of them, which can deter parents taking their children to that school. UK regulators (such as the ICO) also like to make examples of schools, who fail to protect data sufficiently, which can lead to significant financial loss for schools, which then can lead to issues budgeting later in the year.

The services an appointed DPO will carry out include: 

• Initial checklist to assess a school’s current position and address any red flags immediately
• Initial full policy review and write up, with annual follow ups. 
• Perform a school-wide audit of the information a school holds, ensuring record management is at a high standard and schools operate in their legal parameters.
• Perform an impact assessment, analyse all the processes a school incorporates and generate solutions to increase security. 
• Account management, our DPOs act a first point of call for any compliance issues and liaise with the ICO in the case of any severe breaches. 
• Set up initial training on GDPR awareness for all staff, and any follow up session and tailored sessions depending on the schools’ requirements. 
• Organise routine catch ups so clients are happy with their compliance position.  
• Generate and complete cyber recovery plans so a school can be more eligible for cyber insurance policies.