Page icon

Information & Data Protection

Image representing the service provider: data-protection (10-11-2017_1554)

Expert advice, support, guidance and training in data protection
Header icon

Corporate Information Data Protection SLA Further Information

From 25th of May 2018 The General Data Protection Regulation 2016 (GDPR) will replace the Data Protection Act. The GDPR is a law designed to protect the privacy of individuals, in particular with regards to the processing of their personal information. The GDPR covers manual (paper) records as well as those held on computer.

Under the GDPR, schools are their own data controllers and are responsible for registering individually with the ICO as well as complying with the six principles of the Act and using, storing and protecting data, as appropriate.
Failure to comply with the requirements of the GDPR could lead to a data protection breach: information could be lost or shared inappropriately for example. Breaches of the GDPR are investigated by the Information Commissioners Office who has the ability to impose a monetary penalty notice (fine) of either up to €20,000,000 or 4% of annual turnover, whichever is higher.

Our Corporate Information Data Protection SLA will provide an advisory service to assist with best practice for data protection

Please download attached document for full terms of SLA
Loading gif
Header icon

Data Protection Officer SLA

From 25th of May 2018 The General Data Protection Regulation 2016 (GDPR) will replace the Data Protection Act. The GDPR is a law designed to protect the privacy of individuals, in particular with regards to the processing of their personal information. The GDPR covers manual (paper) records as well as those held on computer.

Under the GDPR, schools are their own data controllers and are responsible for registering individually with the ICO as well as complying with the six principles of the Act and using, storing and protecting data, as appropriate.

Failure to comply with the requirements of the GDPR could lead to a data protection breach: information could be lost or shared inappropriately for example. Breaches of the GDPR are investigated by the Information Commissioners Office who has the ability to impose a monetary penalty notice (fine) of either up to €20,000,000 or 4% of annual turnover, whichever is higher.

There is a growing need for Schools to be compliant and to implement controls, both policy driven and technical. One of the requirements of the GDPR is that public authorities, such as schools, must appoint a data protection officer (DPO). The GDPR requires the DPO have professional experience and knowledge of data protection law. This means each school must have a named individual who will carry out the role of a DPO. This SLA will provide your school with a DPO and assist you with your obligations under the GDPR. Please note these Services do not replace the schools duties and obligations as Data Controller.

Purpose

The purpose of this document is to inform our customers about: -
  • The services we offer to support Data Protection Officers nominated by the school
  • The level of support to expect
  • Their own responsibilities relating to the services


This will enable the Corporate Information Team to: -
  • Describe our responsibilities for providing support services
  • Set service levels
  • Report on performance

Changes to the Service Level Agreement
This Service Level Agreement shall be reviewed annually. The service levels detailed in this document are subject to the service being provided within existing resources. The services detailed in this Data Protection Officer SLA are available to schools who are already subscribed to our existing Service Level Agreement on the condition of 40 or more schools subscribing.

Exceptional demands on the service will be prioritised by the Corporate Information Manager.

Service Specifications


Responsibilities of Data Protection Officers:
Data Protection Officers will:

  • Have their contact details made available on school privacy notices
  • Be in a position to undertake their tasks independently – report to highest level of management directly
  • Co-operate with the supervisory authority (Information Commissioner’s Office)
  • Act as contact point for the supervisory authority (Information Commissioner’s Office)
  • Have due regard to the risks associated with processing, taking account of nature, scope and context of processing
  • Promote a data protection culture within the organisation
  • Advise Corporate Information in advance of any new projects that could impact on their duties
  • Provide guidance in analysing and checking compliance of processing activities
  • Sign off on Data Protection Impact Assessments as required


Please note: the services detailed in this Data Protection Officer SLA are available to schools who are already subscribed to our existing Service Level Agreement at a rate of a further £3.03 per pupil per annum for a minimum term of two years.
Loading gif
Header icon

Terms

Loading gif
Header icon

Annual contracts and other packages

Loading gif
Header icon
Loading gif
Header icon
Loading gif
Header icon
Loading gif
Header icon
Loading gif