Non Members: £195 (excluding VAT)
Members: £170 (excluding VAT)
Course Length: 1 day
Venue address: Heath House Training and Conference Centre, Cheadle Road, Uttoxeter, Staffordshire, ST14 7BY
01 January 2020
09:30 to 15:30
Membership discounts: Book 1 place: £170+VAT; 2 places: £155+VAT per person; 3 places: £135+VAT per person
GDPR – What is the impact on Schools?
From 25th May 2018 the current Data Protection Act (DPA) will be replaced by the General Data Protection Regulation (GDPR).
The new law increases schools’ responsibilities on how they manage and share data.
The session will enable the participants to understand what GDPR is, the principle differences between GDPR and the current legislation and the impact it will have on schools. By the end of the course, delegates will be able to identify areas of risks that they will need to address and methods on how to accomplish GDPR management.
By the end of the course participants will:
- Have an increased awareness of GDPR and how it applies to their school.
- Understand the rights of the data subjects (living individuals residing in the EU).
- Know the core GDPR principles and their impact on the school.
- Be aware of the different methods for lawful processing of personal information.
- Understand the role of stakeholders and the required roles and responsibilities, including the need for a Data Protection Officer (DPO) and how this responsibility may be shared across schools.
- Understand consent, how it should be obtained, who can provide it and what happens when a child reaches the appropriate age to provide consent.
- The different types of personal data and the appropriate safeguards that should be in place.
- The right to erasure and access requests, including the challenges this can have when this is requested.
- Know about international transfers of information and the use of cloud services.
- Have an overview of the methodologies that can be used to help your school prepare for GDPR.
Course time table and session outline:
- GDPR Overview
- Data Subject rights
- GDPR Principles
- Lawful processing
- International transfers and usage of cloud
- Consent and its challenges
- Children’s consent
- The different types of personal data categories
- The challenges of erasure and access requests
- What is a data protection officer and do you need one?
- Roles and responsibilities
- Group work – identify who should have what role
- Group work – discuss results
- Identify key risks within your own school and some initial solutions
- Overview of techniques that can be used to help prepare for GDPR
- Available resources to support next steps