Expert advice, support, guidance and training in data protection
Corporate Information Data Protection Officer SLA Further Information
The General Data Protection Regulation 2016 (GDPR) is a law designed to protect the privacy of individuals, in particular with regards to the processing of their personal information. The GDPR covers manual (paper) records as well as those held on computer.
Under the GDPR, schools are their own data controllers and are responsible for registering individually with the ICO, having a named Data Protection Officer as well as complying with the six principles of the Act and using, storing and protecting data, as appropriate. Failure to comply with the requirements of the GDPR could lead to a data protection breach: information could be lost or shared inappropriately for example. Breaches of the GDPR are investigated by the Information Commissioners Office who has the ability to impose a monetary penalty notice (fine) of either up to €20,000,000 or 4% of annual turnover, whichever is higher.
There is a growing need for Schools to be compliant and to implement controls, both policy driven and technical. One of the requirements of the GDPR is that public authorities, such as schools, must appoint a data protection officer (DPO). The GDPR requires the DPO have professional experience and knowledge of data protection law. This means each school must have a named individual who will carry out the role of a DPO. This SLA will provide your school with a DPO and assist you with your obligations under the GDPR. Please note these Services do not replace the schools duties and obligations as Data Controller.
Our Corporate Information Data Protection Officer SLA will provide an advisory service to assist with best practice for data protection along with a named Data Protection Officer.
Please download attached document for full terms of SLA
Annual contracts and other packages