Sensitive data from more than a dozen UK schools has been stolen in a ransomware attack, the BBC has reported. The compromised information includes children’s special education needs, passport scans, staff pay scales and contract details. Initial reports indicated that no...
The education sector is among the most vulnerable to data breaches across the globe, accounting for 172 publicly disclosed security incidents last year. Only the public sector was worse affected, according to data from our sister company IT Governance, which reviewed...
Every exam season, schools receive questions and complaints about the way they handle students’ personal data. What information are they allowed to share? What rules must they be aware of when processing or publishing exam results? The introduction of the GDPR...
The education sector is often cited as one of the most vulnerable to ransomware, but a new report has revealed just how damaging the threat is. Jisc’s Cyber Impact Report 2022 found that UK educational institutions spend £2 million on average...
Schools and other educational institutes are required to process vast amounts of personal data. They usually need information on pupils and parents, including safeguarding, contact information and in some cases financial details. It’s therefore essential that schools have appropriate data privacy...
The education sector was responsible for at least 172 data breaches in 2021, making it the second most vulnerable to security incidents. Only the public sector (263) suffered more publicly disclosed data breaches last year, according to data from our sister...
Schools share personal data with suppliers all the time, but because of the rules imposed by the GDPR (General Data Protection Regulation), they need to be careful about the way they use that information. The GDPR extends the scope of responsibility...
If your school is a maintained school or academy, then it is classed as a public authority and, under the GDPR, must appoint a DPO. This person is responsible for monitoring the application of the Regulation and advising and guiding the...
The data protection policy is the foundation of a school’s compliance with the UK GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018, and from which other policies, procedures and processes are based. It is an internal document that...