Course Cost:

Non Members: £195 (excluding VAT)

Members: £170 (excluding VAT)

Course Length: 1 day

Venue address:
Heath House Training and Conference Centre, Cheadle Road, Uttoxeter, Staffordshire, ST14 7BY

Course Date

01 January 2020

Course Time

09:30 to 15:30

Membership discounts: Book 1 place: £170+VAT; 2 places: £155+VAT per person; 3 places: £135+VAT per person

GDPR – What is the impact on Schools?

From 25th May 2018 the current Data Protection Act (DPA) will be replaced by the General Data Protection Regulation (GDPR).

The new law increases schools’ responsibilities on how they manage and share data.

The session will enable the participants to understand what GDPR is, the principle differences between GDPR and the current legislation and the impact it will have on schools. By the end of the course, delegates will be able to identify areas of risks that they will need to address and methods on how to accomplish GDPR management.

Course Objectives:

By the end of the course participants will:

  • Have an increased awareness of GDPR and how it applies to their school.
  • Understand the rights of the data subjects (living individuals residing in the EU).
  • Know the core GDPR principles and their impact on the school.
  • Be aware of the different methods for lawful processing of personal information.
  • Understand the role of stakeholders and the required roles and responsibilities, including the need for a Data Protection Officer (DPO) and how this responsibility may be shared across schools.
  • Understand consent, how it should be obtained, who can provide it and what happens when a child reaches the appropriate age to provide consent.
  • The different types of personal data and the appropriate safeguards that should be in place.
  • The right to erasure and access requests, including the challenges this can have when this is requested.
  • Know about international transfers of information and the use of cloud services.
  • Have an overview of the methodologies that can be used to help your school prepare for GDPR.

Course time table and session outline:

Session 1

  • Intro
  • GDPR Overview
  • Data Subject rights
  • GDPR Principles
  • Lawful processing
  • International transfers and usage of cloud

Session 2

  • Consent and its challenges
  • Children’s consent
  • The different types of personal data categories
  • The challenges of erasure and access requests

Session 3

  • What is a data protection officer and do you need one?
  • Roles and responsibilities
  • Group work – identify who should have what role
  • Group work – discuss results

Session 4

  • Identify key risks within your own school and some initial solutions
  • Overview of techniques that can be used to help prepare for GDPR
  • Available resources to support next steps

First Name


Your e-mail address

School / Establishment Name

School / Establishment Post Code

Contact Telephone Number

Number of places required

Name of participants if different from above

 I have read and understood the cancellation policy

Are you already a member?

 Please create membership for me

 I'm not ready to become a member yet