The law has changed and the General Data Protection Regulations (GDPR) came into effect on 25th May 2018. It brings higher standards for handling data and greater expectations for improved transparency, enhanced data security and increased accountability for processing personal data. Schools will have a legal duty to comply with the GDPR.
The new GDPR (General Data Protection Regulation) is replacing the current Data Protection Act (DPA) and is set to strengthen and unify all data held within an organisation. For schools, GDPR brings a new responsibility to inform parents and stakeholders about how they are using pupils’ data and by whom it is being used.