Data Protection for Schools

Duration 2 hours

Last audited 19th August 2025

CPD Approved
Data Protection for Schools
For me
For teams

  • 100% online training

  • Start when you like

  • Learn on any device (desktop, mobile or tablet)

  • Instant assessment and result

  • 1 learner per course

  • Train teams of all sizes

  • Bulk discounts starting at 10% off 10 courses

  • Pay by invoice with 30 day payment terms available (5+ courses)

£25 +VAT

include vat

Includes a 10% discount for 10+ courses

Under the Data Protection Act 2018 and the GDPR, all schools are classified as data controllers, because they hold large amounts of personal information about pupils, members of staff, parents, governors and visitors. As a result, schools are required to appoint a data protection officer, and must comply with the law for all data processing activities - these include collecting, storing, sharing and using data.

This Data Protection for Schools course explains what your responsibilities are under the UK data protection law and the EU GDPR, and will help you understand the steps you should take to ensure that your school’s data processing activities are secure and legally compliant.

100% online training

Access anywhere

Same day digital certificate

Printed certificate posted next working day

Full audio voiceover

Assessment retakes at no extra cost

Learn at your own pace with no completion deadlines

Developed by a qualified legal professional

Accredited by CPD

Earn 2 CPD points on completion

Bulk discount for orders of 10+ courses

Bigger orders = bigger discounts

Save on our courses when you buy more training upfront. Lock in a better price now and access the training whenever you need to. You can mix and match any of our courses too and get the discount off your whole order.

10+ courses = 10% off
50+ courses = 20% off
100+ courses = 30% off
500+ courses = 40% off

What you'll learn

By completing this course, you will:

  • Understand the key terms used in data protection law.
  • Understand your school's responsibilities under the GDPR and the Data Protection Act.
  • Have knowledge of the principles of data protection that all schools - and all school staff - must adhere to.
  • Understand the lawful grounds for processing personal information.
  • Understand how to obtain consent from data subjects, including students, parents, staff, governors and anyone connected to the school.
  • Have an understanding of data subject rights, including access rights and the right to be forgotten.
  • Recognise the responsibilities of your school as a data controller, and understand the roles and responsibilities of data processors and your Data Protection Officer.
  • Understand how to ensure data security and report personal data breaches.
  • Be familiar with the consequences of non-compliance.

Training you can trust

Accredited by CPD

All of our courses are accredited by the CPD Certification Service as conforming to universally accepted Continuing Professional Development (CPD) guidelines.

Recommended renewal:

2 years

What does this mean? This certificate does not have an expiry date, however, based on industry best practice guidelines there is a recommended renewal period.

Engage and empower

Our in-house Learning Designers develop all of our courses to give you and your learners the most engaging training possible.

Register for a free course demo
Screenshot 1
Screenshot 2
Screenshot 3
Example Certificate
Screenshot 1 Screenshot 2 Screenshot 3 Example Certificate
  • Course Content
  • Assessment
  • Suitable for

Module 1: Introduction

What is data protection?, key definitions, GDPR - what is it?, GDPR and Brexit, legal requirements, policies and notices and case study. 

Module 2: The Principles of Data Protection

Fair, lawful, and transparent processing, purpose limitations, data minimisation, accuracy, data retention and storage, sharing data, data security, and accountability.

Module 3: Legal Grounds for Processing and Obtaining Consent

Collecting data, performance of a contract, legal compliance, vital interests and public interest, legitimate interests, obtaining consent, photographs, CCTV and biometrics, methods for obtaining consent and withdrawing consent. 

Module 4: Data Subject Rights

Data subject rights, access rights, the right to be forgotten, the right to restriction, rectification and objection, data portability and automated processing.

Module 5: Data Protection Responsibilities

Who has responsibility for data protection? Data controllers, data processors, data protection officers, data protection by design and default, data security, reporting breaches, transferring data and consequences of non-compliance.

Download Course Overview (PDF)

The online assessment is taken on completion of the training material. You will be asked 20 multiple choice questions with a pass mark of 80%. The answers are marked automatically so you will instantly know whether you have passed. If you don't pass don't worry! You can take the test as many times as you need with no extra charge.

All schools are data controllers and process large amounts of data about their students, staff, and parents, so it is vital that every member of staff understands how to process that data securely and in line with the law. Data Protection for Schools is suitable for staff working in a school environment at all levels, and no previous knowledge is required. It is suitable for both data controllers and data processors.

If you use the internet as part of your day to day work then you may also be interested in taking our Cyber Security Training.

If you don’t work in education and are part of another organisation, including charities, professionals, sole traders and membership organisations, then you should take our Data Protection Training Course instead.

Written by experts

Darren Rose, Data Protection Consultant

In partnership with

Darren Rose

Data Protection Consultant

Darren Rose CIPP/E, BEng is a Certified Information Privacy Professional with a BEng in Electronic Engineering. He currently acts as a Data Protection Officer for maintained schools and businesses, a privacy consultant to the independent school sector, and a school compliance advisor covering data protection, Ofsted, SEND, behaviour, and attendance.

In addition to his work with schools, Darren advises small businesses on data protection, IT solutions, and disaster recovery planning. He is a former School Governor, a guest conference speaker for the Headmasters' and Headmistresses' Conference (HMC), and serves as a guest trainer and preferred GDPR consultant for the Independent Schools Association (ISA).

Darren has published several articles on data handling risks and has extensive experience in school operations, compliance, and data protection. 

Frequently asked questions

How do I access the training?

All of our training is done within your web browser - there are no apps to download or software to install.

After picking the courses you need and completing your purchase, you will receive a confirmation email. To access our courses yourself or to distribute them to others you just need to click the ‘Get Started’ button within the email and select which option you want. You will then be able to add the course(s) into an existing account, or create a new account.


Can I buy training for my team?

Of course just add the amount of courses you need and follow the purchase process. Please do be aware that it is one course per learner so they will all need their own course.

When buying courses for a team you'll also get access to our Management Suite free of charge. This is a tool that will allow you to allocate, track and review the training of your team.

Did you know? - We offer free training sessions on how to get the most from your Management Suite. To benefit from this, please contact: managersupport@highspeedtraining.co.uk to get your session booked in.


If I order multiple courses will I receive any discount?

Yes, our bulk discounts are automatically applied to orders containing any combination of courses. We offer the following discounts on bulk purchases:


If you purchase 10+ courses you receive a 10% discount

If you purchase 50+ courses you receive a 20% discount

If you purchase 100+ courses you receive a 30% discount

If you purchase 500+ courses you receive a 40% discount


What payment options are available?

You can pay for our training using either a Debit or Credit card.

For companies ordering 5 or more courses, you’ll also be given the option to pay by invoice.  If you would like to pay by invoice for fewer than 5 courses then please contact our Sales Team by calling 0333 006 7000 or emailing us at sales@highspeedtraining.co.uk. 


Can I access the training material after I have completed my course?

Yes. You can use your username and password to log in and revisit the training material as many times as you like, even after completing the course.


Is there a time limit on completing the course?

No, we want our courses to work around you so there’s no time limit in which you must complete the training after making a purchase. You can also split your training over as many different sessions as you wish, as course progress is saved as you make your way through the training. You’re free to learn entirely at your own pace.


See all FAQs

Course reviews

See all reviews