The law is changing and the General Data Protection Regulation (GDPR) comes into effect on 25th May 2018. It will bring higher standards for handling data and greater expectations for improved transparency, enhanced data security and increased accountability for processing personal data. Schools will have a legal duty to comply with the GDPR.
Please take the opportunity to watch the short video clip below
The Voyage Learning Campus started the GDPR journey in June 2017. We have:-
- Put a team together to work on compliance;
- Made everyone in school aware of GDPR, including Management Committee members;
- Created a Data Security Plan, and
- Are in the process of reviewing all of our data and documents.
The VLC already has strong data protection policies in place and these will now be updated in line with GDPR. We are committed to ensuring we do the right thing for our Management Committee, our families, our students, our staff and the third parties we work with. We are working with Audit West, our Data Protection Officer to ensure we are focussed on ensuring our processes can be evidenced to demonstrate compliance.
We know that complete GDPR compliance can only be achieved through a collaborative and transparent approach and we also want to ensure that this is comprehensive and complete.
We have been working on the following:-
- Identification of a Data Protection Officer
- Data mapping and Data Asset Register
- Embedding data privacy into all of our processes
- Information security risk
- Third party risks and our data partners
- Responding to subject access requests
- Data privacy breach procedures
- Ongoing monitoring
- Staff Development and Training opportunities
As a parent / carer you may receive some letters from us regarding GDPR. Some of these may be about consent and some about updating your information with us. We would appreciate it if you would read all information you receive and send back any relevant documents back to the Centre.
Last Updated: 22/05/2018 1:08pm | Filetype: pdf | Size: 146 KB
The new regulation is about protecting people in the modern information age. It gives more control to individuals and more responsibilities to organisations which collect and hold your data.