General Data Protection Regulation (GDPR)
What is GDPR?
In the UK, GDPR will replace the Data Protection Act 1998, which was brought into law as a way to implement the 1995 EU Data Protection Directive. GDPR seeks to give people more control over how organisations use their data, and introduces hefty penalties for organisations that fail to comply with the rules. It also ensures data protection law is almost identical across the EU.
At the moment, the Data Protection Act 1998 (‘DPA 1998’) applies to the way schools and trusts handle personal data. Most schools and trusts will be familiar with the general requirements of the DPA 1998, for example, the circumstances when they can disclose personal data and what to do if a person submits a subject access request.
From May 2018, the DPA 1998 will be replaced by the General Data Protection Regulation which is often referred to as the ‘GDPR’. Although many of the principles remain the same as the DPA 1998, there are some important changes which affect the way we process data.
In general terms, the GDPR places more emphasis on transparency, accountability and record keeping.
What does this mean for Schools?
Schools process a lot of personal data relating to pupils and staff in order to carry out its functions. They also acquire personal data relating to other people including, for example, parents / carers, local governors, trustees, members of the local community, suppliers, contractors and consultants. It is therefore important that all schools ensure they handle personal data carefully and legally. At Bell Lane we are committed to handling your data with care, further details are available in our policies.
Data Protection Officer
The data protection officer is responsible for overseeing data protection within the school. Please contact the data protection officer if you have any questions in this regard.
- School Data Protection Officer: Mr David Powell
- Bell Lane, Hendon, NW4 2AS
- Tel: 020 8203 3115
- [email protected]