In the UK there are two legal definitions of insolvency. The first is where an individual or...
Data protection in schools
Given the sensitivity of the information that schools and other education institutions hold about pupils and staff, the issue of personal information can be particularly tricky.
Who would have thought ten years ago that we would be considering how biometric systems are used in schools to get food from the school canteen or to take books out of the library!
Schools have to be clear and transparent about how personal information is held and used, and therefore need a “fair processing notice”, sometimes called a “privacy notice”. This should be given to parents and pupils before, or as soon as, you obtain their personal information. These days, we usually see it on the school website, but you could also think about putting it in a school diary, on a school or staff notice board, in an induction pack for staff, in a school prospectus or in an information pack. The Department for Education has published suggested wording that can be tailored for your school, but do make sure that it covers all situations that it needs to, taking advice when needed. Does it cover permission for event photography? Do you have CCTV? Do you ever publish exam results in the media?
Schools must also notify the Information Commissioner’s Office (ICO) that they are “data controllers”, and are processing personal data, but the ICO is still finding that schools are not notifying them of all of the purposes for which they are processing personal information. This can be resolved through updating the ICO, for example, to let them know that you now have CCTV.
There are plenty of myths regarding data protection, such as parents and teachers can never take photographs at the Christmas play. Not true - although there are some sensible steps to take first to make sure you are compliant and no one is put at risk, which is exactly what the Data Protection Act and the Protection of Freedoms Act were really meant to be about.