{"id":7367,"date":"2018-09-04T14:20:25","date_gmt":"2018-09-04T13:20:25","guid":{"rendered":"https:\/\/www.highspeedtraining.co.uk\/hub\/?p=7367"},"modified":"2024-05-02T11:28:43","modified_gmt":"2024-05-02T10:28:43","slug":"data-protection-act-compliance-schools","status":"publish","type":"post","link":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/","title":{"rendered":"Data Protection in Schools: How to Comply With The Data Protection Act 2018"},"content":{"rendered":"<p>Any organisation that handles personal information must comply with the <strong>Data Protection Act 2018 (as amended in accordance with GDPR).<\/strong>\u00a0However, some organisations have greater data protection risks than others, and this is particularly the case in schools. They must handle personal data about staff and students securely and confidentially, which requires them to implement robust systems and management strategies.<\/p>\n<p id=\"backtotop\">You must know how to help your school fulfil these data protection requirements, so everyone&#8217;s personal information is acquired and held securely at all times. This guide will help you understand what duties you should fulfil to uphold data protection in your school.<\/p>\n<hr \/>\n<p><strong>The contents of this guide are:<\/strong><\/p>\n<ul>\n<li><a href=\"#summary\">Summary of the Data Protection Act in schools<\/a><\/li>\n<li><a href=\"#principles\">The key data protection principles<\/a><\/li>\n<li><a href=\"#categories\">Categories of personal data<\/a><\/li>\n<li><a href=\"#preventing\">Preventing data security breaches in schools<\/a><\/li>\n<li><a href=\"#policy\">Data protection use policy for schools<\/a><\/li>\n<li><a href=\"#responsible\">Who is responsible for data protection in schools?<\/a><\/li>\n<\/ul>\n<p id=\"summary\"><em>Use the above links to help you navigate to a specific section in the guide.<\/em><\/p>\n<hr \/>\n<h2>Summary of The Data Protection Act in\u00a0Schools<\/h2>\n<p>Schools are often filled with hundreds of people. This means your school will likely process a significant amount of personal data about both students and staff, and may regularly share this information with third parties. As a result, data protection in schools can prove especially difficult. However, the Act\u2019s guidance is clear-cut for data controllers and you must adhere to it.<\/p>\n<h4><strong>The Act requires schools to:\u00a0<\/strong><\/h4>\n<ul>\n<li>Keep personal information safe and secure.<\/li>\n<li>Protect personal information from misuse.<\/li>\n<li>Process data securely and confidentially.<\/li>\n<li>Ensure that all the information they hold about data subjects is accurate.<\/li>\n<li>Only collect and hold data for its intended purpose.<\/li>\n<li>Give data subjects control over the use of their personal data.<\/li>\n<li>Ensure that third parties with whom they share data also process data securely.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-33782\" src=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/08\/Students-on-computers.jpg\" alt=\"Students on computers\" width=\"685\" height=\"295\" \/><\/p>\n<p><strong>Personal information<\/strong> refers to both facts and opinions about a person, whether your school collects it automatically online, holds it electronically on computers, or has hard copies of data in folders and filing cabinets.<\/p>\n<p><strong>Processing data<\/strong> refers to anything you do with a person&#8217;s data, including collecting, storing, editing, retrieving, using, disclosing, archiving, and destroying it.<\/p>\n<p>Any data controllers that breach the Data Protection Act, including schools, could receive a\u00a0<strong>significant fine <\/strong>and may suffer other consequences, such as a damaged reputation. The maximum fine a business may face for non-compliance is up to\u00a0<strong>\u00a317 million or 4% of their global turnover<\/strong>\u00a0(whichever is higher).<\/p>\n<p>Your school can easily avoid these negative legal consequences by having sufficient procedures in place and ensuring everyone fulfils their duties. These are set out in the Act&#8217;s<strong> key data protection principles<\/strong>.<\/p>\n<div class=\"tip__box\">\n<div class=\"tip__title__container\">\n<div class=\"tip__title__text\">\n<div class=\"tip__title__icon\"><img decoding=\"async\" src=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2019\/11\/expert-tip-icon.png\" alt=\"expert icon\" \/><\/div>\n<h3>Need a Course?<\/h3>\n<\/div>\n<\/div>\n<p>Our <a href=\"https:\/\/www.highspeedtraining.co.uk\/courses\/education\/data-protection-training-for-schools\/\" target=\"_blank\" rel=\"noopener noreferrer\">Data Protection for Schools Course<\/a> explains what your responsibilities are under the UK data protection law and the EU GDPR, and will help you understand the steps you should take to ensure that your school\u2019s data processing activities are secure and legally compliant.<\/p>\n<\/div>\n<p id=\"principles\"><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<h3>The Key Data Protection Principles<\/h3>\n<p>In order to protect data subjects&#8217; personal information, data protection law (as amended by GDPR) requires all data controllers to follow these key principles:<\/p>\n<ul>\n<li>Fair, lawful, and transparent processing.<\/li>\n<li>Purpose limitation.<\/li>\n<li>Data minimisation.<\/li>\n<li>Accuracy.<\/li>\n<li>Data retention periods.<\/li>\n<li>Data security.<\/li>\n<li>Accountability.<\/li>\n<\/ul>\n<p>Let\u2019s examine how each of these apply to school settings:<\/p>\n<hr \/>\n<h4><strong>1. Fair, lawful, and transparent processing.\u00a0<\/strong><\/h4>\n<p>Under this principle, schools must explain how they plan to process any personal data that they acquire from individuals. This refers to data about both staff and students, and anyone else whose personal information your school processes.<\/p>\n<p>Your school must have a data privacy notice or policy and terms and conditions that clearly explain how it&#8217;ll use any data they receive about a person. This information must be clearly visible to a person at the point when you&#8217;re acquiring their data.<\/p>\n<p>For example, if you share a consent form with a student and their parents about a school trip, you should have a statement on it about what their personal information is needed for, what the school intends to use it for, and whom it may be shared with.<\/p>\n<p>Children over 13 should have the opportunity to give consent regarding data protection, but should receive parental input where needed.<\/p>\n<hr \/>\n<h4><strong>2. Purpose limitation.<\/strong><\/h4>\n<p>Schools must not acquire, hold, or process data in any manner that doesn\u2019t relate to its original intended purpose.\u00a0For example, you can&#8217;t take the data you acquired about students for assessments and then use it on your website. Furthermore, you can&#8217;t gather data about people on a &#8216;just in case&#8217; basis. You must have a legitimate reason for obtaining and processing it, and be able to show evidence of this.<\/p>\n<hr \/>\n<h4><strong>3. Data minimisation.<\/strong><\/h4>\n<p>Your school must minimise the amount of personal data it holds, which connects closely to the previous principle. Data must be adequate, relevant, and limited to what is necessary. This means you must decide what information is absolutely critical for the intended purpose and not collect any further data.<\/p>\n<p>When the data you&#8217;ve collected has fulfilled its purpose and you no longer need it, you must securely destroy it. The only exception to this is if you must hold it for legal purposes, such as bookkeeping records.<\/p>\n<hr \/>\n<h4><strong>4. Accuracy.<\/strong><\/h4>\n<p>Your school should carry out regular audits of the personal data it holds to ensure it always remains up to date. This is essential for ensuring the school doesn&#8217;t process data that does not accurately represent the data subject. It also helps to prevent emergency risks. For example, if an out-of-date address or phone number is on record, this can delay emergency actions.<\/p>\n<p>Furthermore, if a member of staff or a student (or their representative) notifies you of a change relating to their personal data, you must update it as soon as possible. This requirement also applies to any third parties with whom you share personal data, such as payroll companies or external exam bodies. Your school must have a system in place for ensuring these third parties can easily correct data where necessary.<\/p>\n<hr \/>\n<h4><strong>5. Data retention periods.<\/strong><\/h4>\n<p>Your school must not hold onto data for longer than is necessary. Once you no longer need it, you must securely destroy it. The <a href=\"https:\/\/www.education-ni.gov.uk\/publications\/disposal-records-schedule\" target=\"_blank\" rel=\"noopener noreferrer\">disposal of records schedule<\/a>\u00a0published by the Department of Education can offer useful guidelines for when you should destroy certain records. Some stipulations are legal obligations while others are best practice, so you should familiarise yourself with them. However, it is still down to your school&#8217;s discretion, based on the purpose for which you acquired the data, to decide how long you need to hold onto it.<\/p>\n<p>You should also be aware that data subjects have the right to erasure, also known as the right to be forgotten. This requires you to destroy any personal data you have about the person, unless you have a good reason not to. If you do not have a legitimate reason to deny this request, you must erase all the data you hold about them as soon as possible.<\/p>\n<p>For example, a legitimate reason for not fulfilling an erasure request is needing information about a student so they can sit an exam. Another example is holding information about a member of staff to process their salary.<\/p>\n<hr \/>\n<h4><strong>6. Data security.<\/strong><\/h4>\n<p>This refers to securely holding the data you have about people. You must protect against unauthorised or unlawful processing and against accidental loss, destruction, or damage. To do so, your school should use appropriate technical or organisational measures. For example, password protection on digital folders, encryption of files, and physical locks on filing cabinets.<\/p>\n<p>Data security also applies to other forms of processing, including disposal. For example, shredding, incinerating, and securely erasing HDDs. When erasing hard drives, your school may require technical support, as simply erasing the data or formatting the drive can often prove insufficient.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-33783\" src=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/08\/Physical-data-records.jpg\" alt=\"Physical data records\" width=\"685\" height=\"295\" \/><\/p>\n<p>Data security applies to\u00a0<strong>both physical and digital data<\/strong>\u00a0and to\u00a0<strong>internal and external threats<\/strong>. People must not be able to access data without proper authorisation. For example, by physically accessing a room that holds student records or digitally acquiring them through cyber-attacks.<\/p>\n<p>Your school must have security measures in place to prevent this, such as limiting access, using security software, and using secure storage facilities.<\/p>\n<hr \/>\n<h4><strong>7. Accountability.<\/strong><\/h4>\n<p>Accountability is a new addition to the Data Protection Act in accordance with GDPR. It requires all data controllers to have processes in place that prove their data protection measures are sufficient. This means that your school should keep accurate records of processing activities and update its policies where relevant.<\/p>\n<p>As part of protecting personal data,<strong> all schools must also notify the Information Commissioner\u2019s Office (ICO) annually.<\/strong> Failure to do so is a criminal offence. This is not a new requirement, but is an important part of accountability as it enables you to transparently show what data you&#8217;re processing and how.<\/p>\n<p><strong>Schools must notify the ICO of:<\/strong><\/p>\n<ul>\n<li>The purpose for which it holds personal data.<\/li>\n<li>What data it holds.<\/li>\n<li>The source of said data.<\/li>\n<li>To whom they intend to disclose the data.<\/li>\n<li>To which countries they intend to transfer the data.<\/li>\n<\/ul>\n<p id=\"categories\"><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<h2>Categories of Personal Data<\/h2>\n<p>In order to fulfil these principles, you and everyone in your school must understand what exactly defines personal data. Under data protection law, there are two main types of personal data: personal data and information, and special category data.<\/p>\n<h3>Personal Data and Information<\/h3>\n<p>This refers to any data about an identifiable living individual that you process in your school, including any records and personal information about staff and students.<\/p>\n<p>For example:<\/p>\n<ul>\n<li>Names of staff and pupils.<\/li>\n<li>Dates of birth.<\/li>\n<li>Photographs of staff and pupils that are clearly linked to their identity or other personal information about them.<\/li>\n<li>Addresses.<\/li>\n<li>National insurance numbers.<\/li>\n<li>Financial information, such as bank details and tax status.<\/li>\n<li>Recruitment data.<\/li>\n<li>Attendance and behavioural information.<\/li>\n<li>Safeguarding information, including SEN assessments and data.<\/li>\n<li>School work and marks.<\/li>\n<li>Medical information, such as medical conditions and GP names.<\/li>\n<li>Exam results.<\/li>\n<li>Staff development reviews.<\/li>\n<\/ul>\n<p>This is not an exhaustive list, but it provides common examples of personal data that your school may process.<\/p>\n<h3>Special Category Data<\/h3>\n<p>Previously known as sensitive personal information, special category data refers to information about more sensitive topics. For example, a person\u2019s race and ethnicity, political opinions, religious beliefs, membership of trade unions, physical or mental health, sexuality, and criminal offences.<\/p>\n<p>The main difference between processing personal data and special category data is that your school must apply greater care when processing the latter<\/p>\n<p id=\"preventing\"><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<h2>Preventing Data Security Breaches in Schools<\/h2>\n<p>It is crucial for your school to have security measures that prevent data protection breaches to both physical and digital data. Following the principles discussed above will help you do so, but another important aspect to consider is students&#8217; and staffs\u2019 access to the internet and data.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-33784\" src=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/08\/Teacher-using-tablet-to-access-data.jpg\" alt=\"Teacher using tablet to access data\" width=\"685\" height=\"295\" \/><\/p>\n<p>Schools must consider how they can prevent breaches that may accidentally or deliberately occur when students and staff use the internet, intranet, and email systems.<\/p>\n<h4>Therefore, you must consider the following:<\/h4>\n<ul>\n<li>Does your school monitor or regulate the use of the internet, email, and\/or chat rooms?<\/li>\n<li>Do you use filtering systems to prevent students and staff from accessing inappropriate materials and sites on the internet or network?<\/li>\n<li>Is there a reporting procedure in place for accidental access to inappropriate materials or sites?<\/li>\n<li>Is internet safety a part of the curriculum?<\/li>\n<li>Does your school follow safe practices when publishing images and names of students on their website?<\/li>\n<li>Does everyone know how to send emails securely?<\/li>\n<\/ul>\n<p>To combat the issues that these activities may present, your school should have a use policy in place.<\/p>\n<p id=\"policy\"><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<h3>Data Protection Use Policy for Schools<\/h3>\n<p>A use policy explains what practices students and staff should follow to securely use the internet and email for private communications. It should also cover issues of security when people need to access the school\u2019s intranet\u00a0off the school grounds via a phone or tablet.<\/p>\n<h4>A use policy should cover the following:<\/h4>\n<ul>\n<li><strong>Email. <\/strong>Is homework or other personal data shared between students and staff via email? Can it be done securely? Can you avoid emailing parents sensitive data? When sending bulk emails, are staff using the BCC function to protect potentially hundreds of parents\u2019 emails?<\/li>\n<li><strong>Chat rooms.<\/strong>\u00a0Students should only have access to chat rooms that are educational in nature and closely moderated. As part of e-safety education, students should understand the importance of never giving out personal data that would identify them or others over chat.<\/li>\n<li><strong>Mobile technology.\u00a0<\/strong>The use policy should explain how people can use mobiles securely and safely and what restrictions apply where needed. Aspects to consider include video messaging, mobile access to the internet, entertainment services (e.g. streaming), and information-based services.<\/li>\n<li><strong>School websites.<\/strong>\u00a0You must protect students&#8217; identities. Therefore, if you need to publish an image of a student, for example, their name must not accompany it and vice versa. You should also always acquire parental permission where relevant. Furthermore, your website should have a clear, detailed privacy statement that states how your school intends to use the information they acquire about data subjects and how they&#8217;ll process it securely.<\/li>\n<\/ul>\n<p id=\"responsible\"><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<h2>Who is Responsible For Data Protection in Schools?<\/h2>\n<p>Ultimately, everyone has a responsibility to ensure the school securely processes data. Staff and even students who handle personal data need to be careful that it does not come into possession of anyone who doesn&#8217;t have permission to view or process it. For example, if a teacher has a USB containing information about their students\u2019 assessment submissions, they are responsible for keeping this data secure.<\/p>\n<p>However, your school should have designated individuals who have the necessary knowledge, experience, and training to implement and uphold systems and policies. More specifically, your school must have a designated Data Protection Officer (DPO). All public authorities are required to appoint a DPO by law, but even private schools should have one in place.<\/p>\n<h3>Data Protection Officers<\/h3>\n<p>The Data Protection Officer in your school is responsible for monitoring internal compliance and helping to establish policies and procedures. They\u00a0should understand common information risks and the school\u2019s strategies for combating them.<\/p>\n<h4>More specifically, DPOs can help businesses to:<\/h4>\n<ul>\n<li>Know what personal information your school holds and for what purpose.<\/li>\n<li>Develop the school&#8217;s data protection policy.<\/li>\n<li>Arrange training for and offer advice to staff.<\/li>\n<li>Be aware of and monitor who has access to personal data and why.<\/li>\n<li>Establish best practice guidance for data processors and anyone in the school that handles data.<\/li>\n<li>Process and respond to all requests for information, correction or erasure.<\/li>\n<li>Establish and oversee physical and digital security measures.<\/li>\n<li>Ensure that everyone processes data securely, including when they must destroy it.<\/li>\n<li>Ensure that third parties have appropriate data protection measures.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-7375\" src=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2016\/05\/data_protection_act_responsiblity_schools.jpg\" alt=\"data_protection_act_responsiblity_schools\" width=\"685\" height=\"295\" \/><\/p>\n<p>Your school must have a\u00a0written contract with third parties who process data that includes information about data protection duties. The contract should oblige them to implement appropriate security measures for protecting any personal data they process. However, <b>the data controller (your school) still has the main responsibilities under the Data Protection Act:\u00a0<\/b>third parties are simply acting on your school&#8217;s behalf.<\/p>\n<p>Therefore, your school\u00a0must ensure that all third parties are consistently complying. To do this, your school could request written updates about security measures or carry out full audits (such as by visiting the third party&#8217;s premises).<\/p>\n<p><a href=\"#backtotop\"><em>Back to Top<\/em><\/a><\/p>\n<hr \/>\n<p>It&#8217;s crucial for your school to follow the key data protection principles and put in place systems and strategies that facilitate data protection. By doing so, your school will comply with the Data Protection Act, protect staff and students\u2019 confidentiality, and deliver education in a secure environment.<\/p>\n<hr \/>\n<h3>What to Read Next:<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-in-schools\/\">Data Protection in Schools \u2013 Guidance for the Education Sector<\/a><\/li>\n<li><a href=\"https:\/\/www.highspeedtraining.co.uk\/courses\/education\/data-protection-training-for-schools\/\" target=\"_blank\" rel=\"noopener noreferrer\">Data Protection for Schools Training\u00a0<\/a><\/li>\n<li><a href=\"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-quiz\/\" target=\"_blank\" rel=\"noopener noreferrer\">Data Protection Quiz<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Our free, comprehensive guide will give your school all the essential information you need to know about complying with the UK Data Protection Act.<\/p>\n","protected":false},"author":8,"featured_media":41708,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[3386,81,80],"class_list":["post-7367","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-safeguarding","tag-data-protection","tag-education","tag-teachers-and-parents"],"acf":{"schema_disabled":false,"schema_properties_FAQPage_question_answer":null,"schema_properties_HowTo_howto_tools":null,"schema_properties_HowTo_howto_supplies":null,"schema_properties_HowTo_howto_steps":null,"schema_properties_WebPage_cssSelector":null,"schema_sameAs_repeater":null,"schema_custom_json_repeater":null,"schema_custom_json_override":false},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.5 (Yoast SEO v19.12) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>UK Data Protection Act Compliance: A 2018 Guide for Schools<\/title>\n<meta name=\"description\" content=\"Our free, comprehensive guide will give your school all the essential information you need to comply with the UK Data Protection Act, as amended in 2018.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"UK Data Protection Act Compliance: A Free Guide for Schools\" \/>\n<meta property=\"og:description\" content=\"Our free, comprehensive guide will give your school all the essential information you need to comply with the UK Data Protection Act, as amended in 2018.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/\" \/>\n<meta property=\"og:site_name\" content=\"The Hub | High Speed Training\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/highspeedtraining\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-09-04T13:20:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-02T10:28:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/09\/data-protection-s-fb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"627\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Liz Burton-Hughes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"UK Data Protection Act Compliance: A Free Guide for Schools\" \/>\n<meta name=\"twitter:description\" content=\"Our free guide will give your school all the information you need to know to comply with the UK Data Protection Act.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/09\/data-protection-s-twit.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@hst\" \/>\n<meta name=\"twitter:site\" content=\"@hst\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Liz Burton-Hughes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"UK Data Protection Act Compliance: A 2018 Guide for Schools","description":"Our free, comprehensive guide will give your school all the essential information you need to comply with the UK Data Protection Act, as amended in 2018.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/","og_locale":"en_GB","og_type":"article","og_title":"UK Data Protection Act Compliance: A Free Guide for Schools","og_description":"Our free, comprehensive guide will give your school all the essential information you need to comply with the UK Data Protection Act, as amended in 2018.","og_url":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/","og_site_name":"The Hub | High Speed Training","article_publisher":"http:\/\/www.facebook.com\/highspeedtraining\/","article_published_time":"2018-09-04T13:20:25+00:00","article_modified_time":"2024-05-02T10:28:43+00:00","og_image":[{"width":1200,"height":627,"url":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/09\/data-protection-s-fb.jpg","type":"image\/jpeg"}],"author":"Liz Burton-Hughes","twitter_card":"summary_large_image","twitter_title":"UK Data Protection Act Compliance: A Free Guide for Schools","twitter_description":"Our free guide will give your school all the information you need to know to comply with the UK Data Protection Act.","twitter_image":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2018\/09\/data-protection-s-twit.jpg","twitter_creator":"@hst","twitter_site":"@hst","twitter_misc":{"Written by":"Liz Burton-Hughes","Estimated reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/#article","isPartOf":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/"},"author":{"name":"Liz Burton-Hughes","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#\/schema\/person\/b34f6cec80af05b8bf3702d8f7f54e27"},"headline":"Data Protection in Schools: How to Comply With The Data Protection Act 2018","datePublished":"2018-09-04T13:20:25+00:00","dateModified":"2024-05-02T10:28:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/"},"wordCount":2639,"commentCount":18,"publisher":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#organization"},"keywords":["Data Protection","Education","Teachers and Parents"],"articleSection":["Safeguarding"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/","url":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/","name":"UK Data Protection Act Compliance: A 2018 Guide for Schools","isPartOf":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#website"},"datePublished":"2018-09-04T13:20:25+00:00","dateModified":"2024-05-02T10:28:43+00:00","description":"Our free, comprehensive guide will give your school all the essential information you need to comply with the UK Data Protection Act, as amended in 2018.","breadcrumb":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/data-protection-act-compliance-schools\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.highspeedtraining.co.uk\/hub\/"},{"@type":"ListItem","position":2,"name":"Data Protection in Schools: How to Comply With The Data Protection Act 2018"}]},{"@type":"WebSite","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#website","url":"https:\/\/www.highspeedtraining.co.uk\/hub\/","name":"The Hub | High Speed Training","description":"Welcome to the Hub, the company blog from High Speed Training.","publisher":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.highspeedtraining.co.uk\/hub\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#organization","name":"The Hub | High Speed Training","url":"https:\/\/www.highspeedtraining.co.uk\/hub\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#\/schema\/logo\/image\/","url":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2021\/05\/HST_Logo_Dark-Blue_CMYK_AW-scaled.jpg","contentUrl":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-content\/uploads\/2021\/05\/HST_Logo_Dark-Blue_CMYK_AW-scaled.jpg","width":2560,"height":1206,"caption":"The Hub | High Speed Training"},"image":{"@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/highspeedtraining\/","https:\/\/twitter.com\/hst"]},{"@type":"Person","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#\/schema\/person\/b34f6cec80af05b8bf3702d8f7f54e27","name":"Liz Burton-Hughes","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.highspeedtraining.co.uk\/hub\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e8dd891dffaa723cee89793d4a90f4ac?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e8dd891dffaa723cee89793d4a90f4ac?s=96&d=mm&r=g","caption":"Liz Burton-Hughes"},"description":"Liz has been writing for the Hub since 2014. She has a University degree in English and previously worked as a freelance writer for various companies. Now, she specialises in writing Health and Safety content for High Speed Training.","sameAs":["https:\/\/www.highspeedtraining.co.uk","https:\/\/twitter.com\/hst"],"url":"https:\/\/www.highspeedtraining.co.uk\/hub\/author\/liz\/"}]}},"_links":{"self":[{"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/posts\/7367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/comments?post=7367"}],"version-history":[{"count":6,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/posts\/7367\/revisions"}],"predecessor-version":[{"id":74522,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/posts\/7367\/revisions\/74522"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/media\/41708"}],"wp:attachment":[{"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/media?parent=7367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/categories?post=7367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.highspeedtraining.co.uk\/hub\/wp-json\/wp\/v2\/tags?post=7367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}