GDPR Compliance

GDPR School Compliance Audit

The new General Data Protection Regulation includes some dramatic changes on how schools (including academies and free schools) manage, process and delete data.

It is no longer just about finding data and making sure it is secure. It is about capturing the context of data and being able to prove you’ve done everything possible to protect an individual’s data and the rights of the individual themselves.

The purpose of this GDPR School Compliance Audit is to enable schools to evaluate how effectively they are preparing to comply with their obligations with regard to the processing of personal data and on the free movement of such data, under the new regulations which come into force on 25 May 2018.

Our GDPR School Compliance Audit includes a GDPR specialist member of our HR team undertaking a site visit to meet your principal/headteacher (or other nominated senior leader), and any other persons responsible for information management.

We will ask you to complete an initial pre-audit questionnaire before arranging an on-site visit where interviews with the staff responsible for information management and an initial risk assessment will be conducted.

The audit is split into four key areas:

  • Accountability and governance
  • Data Protection Officer responsibilities / post
  • Documentation to demonstrate compliance
  • Processes and procedures to support compliance.

There will be an opportunity to ask questions and to receive practical advice and guidance.

Following completion of the audit, a written report with recommendations will be produced, to include a GDPR compliance timeline.

Book your GDPR Audit using the form below.