The school has been working to ensure that all its practices relating to data protection are compliant with the new laws, this has included:
- Conducting a self-assessment of readiness for GDPR.
- Reviewing all documentation from Gov.UK, ICO, IRMS Toolkit.
- Completion of an in-depth audit, checked by CEFM (our HR provider), of all data processing in the school.
- Attendance at training for GDPR readiness.
- All staff have completed on-ine GDPR level 2 training.
- Reissue of letters for photography of children.
- Reissue of Privacy Notices for anyone associated with the school.
- Issue of OPT-IN email for information about the school.
- Fortnightly meetings to work through the 12 steps to the GDPR.
- Information for staff, governors and parents in letters, meetings and emails.
- Review of contracts with our suppliers.
- Requests of privacy notices from all our IT providers, e.g. Parentmail, ParentPay, IT hosting, CPOMS, SIMS etc.
- Review of policies: Data Protection; CCTV; Freedom of Information
The school information sharing tree below has some useful links to the school’s GDPR information.