GDPR is coming, but what does it mean to my school?

With the imminent introduction of the General Data Protection Regulation, which comes into force across Europe on Friday, 25 May 2018, many are struggling to understand what this means in practice. Here, Will Earp, Digital Experience Manager at the South West Grid for Learning (one of the partner organisations in the UK Safer Internet Centre (SIC)), takes a look at particular considerations for schools.

Date 2018-05-24 Author UK Safer Internet Centre
picture

You may have heard of the General Data Protection Regulation (or GDPR); if you haven't, it is a change in the legislation regarding how personal data can be stored and used and it comes into effect on 25 May 2018. But what does it actually mean? What do we need to change in order to be compliant with this new law?

Why GDPR?
Global communications has changed significantly in the last 50 years, and with the growth of internet technologies and computing, it was inevitable that data privacy laws would need redoing - especially considering the legislation it replaces in the UK is now 20 years old (Data Protection Act 1998).

Apart from legislative reasons, there are real problems that GDPR aims to solve. It has become clear over the past 10 years that personal data is a valuable commodity (just look at Google and Facebook among other companies), where products and services are free at the point of use, supported by advertising and other processes that use the data collected.

Over the past few years there have also been a string of huge data breaches that have shown companies are hoovering up massive amounts of personal data, which has led to questions such as:

  • What processes do they have in place to keep the data secure?
  • Are they handling the data correctly?
  • Do they have permission to use the data in the ways they are using it?
  • Do they even need to hold the data in order to perform the function we asked them to perform?

GDPR will strengthen and unify data protection for individuals within the EU, and will force all organisations processing personal data about EU citizens to abide by the new regulation.

Read more…
To read the full article, which goes on to discuss issues around personal data, controllers and processors, data collection and processing, data breaches, and rights of the individual in more detail, please visit the SWGfL website.

Find out more about the work of the UK Safer Internet Centre (SIC), including its awareness raising, helpline, hotline and youth participation services.

Related news