#2 Next step

Posted on by

Watching the GDPR video together was helpful as it helped clarify some of the key jobs to do and questions that needed to be considered.

The first few actions were to download a model policy (we looked at one from the NAHT and from The Key):

  • Start to put together an internal asset audit
  • Download some model privacy notices.

We also started to note down some of the questions we had that needed some more thought and might need to be taken to governors or discussed more widely with staff. The first things that occurred to us were:

  • Who would be the most appropriate person to be the Data Protection Officer? A senior member of staff, SBM, governor, someone external to the school?
  • How to we make sure that all parents are giving informed consent? At present our standard ‘permissions’ letter going out at the start of each year to parents operates as a negative preference i.e. a parent needs to deliberately opt out otherwise consent is assumed.

Leave a Reply

Your email address will not be published. Required fields are marked *