Best Practice Update

    You are here:  
  1. Home
  2. Best Practice Update
Image of two CCTV cameras and text: ' CCTV Policy Update'
Best Practice Updates

CCTV Policy update: retention

We've updated the CCTV policy to consider the requirements of retention, especially over the summer holiday.

There may be situations where at the start of a summer holiday a subject access request comes in for CCTV footage - but there are no resources available in school to stop the footage from being deleted under the regular retention schedule. 

Therefore, where organisations are unable to access and retrieve this footage over the holidays, we recommend extending the re

Read more …

A man's hand, seen from the side, reaches forward with his index finger extended, seemingly to touch a floating, transparent button with the word "COMPLAINTS" on it. Above the button, in large white text, are the words "Data Rights" and "vs General." The background is a blurry, dark office setting with faint hexagonal shapes overlaid on it. In the bottom right corner is a logo for "Data Protection Officer."
Best Practice Updates

Complaints vs. Data Rights: A Guide

With the recent Data Use and Access Act, organisations must now be more precise than ever about how they handle data rights concerns; the complaints process for data rights is clarified and formalised. This article discusses best practice around which complaints process to use when you receive a complaint.

Read more …

A vibrant, graphic image with a deep blue background announces "POLICY UPDATES" in large, white lettering. Below this, smaller text reads: "Our latest document and policy updates are now available!" To the right, a list under the heading "New documents:" highlights two items: Data Rights Complaints Process Subject Access Request Clarification Template A prominent 3D icon in the center shows a large magnifying glass with an orange handle and a blue head, focusing on a white and blue shield. The shield has an orange checkmark in its center. The bottom right corner features a logo for "DATA PROTECTION EDUCATION".
Best Practice Updates

September 2025 Policy and Document Updates

We've updated and added some new policies, including the Data Protection Policy, Model Redaction Guidelines, Data Rights Complaints Process, Freedom of Information Policy, SAR Procedure Template, SAR Response Template, Subject Access Request Clarification Template.  This article shows an amendments made to the documents.

Read more …

A blue graphic with three children peering over a dark blue banner. The banner has white text that reads "Back to School Basics: Data Protection & Cyber Security." To the left of the text is a stack of school books with a red apple on top. To the right is a laptop displaying a logo with the text "Data Protection Education."
Best Practice Updates

Back to School Basics for Data Protection and Cyber Security Compliance

As schools begin to welcome back students, staff and new joiners, the focus is on the new academic year: curriculum planning, safeguarding and operational logistics.  An equally critical and statutory area that demands attention is data protection and cyber security compliance.  Adhering to data protection law isn't just about avoiding fines; it's about protecting sensitive personal data of children, their families and staff.

Read more …

  1. Building a Secure School: Using the ICO Accountability Framework to Meet DfE Digital Standards
  2. Why Physical and Data Security Must Go Hand-In-Hand
  3. Digital Safeguarding: DfE announces statutory DfE Digital Standards
  4. Safeguarding Smiles & Social Media!
  5. The Data Protection Lead/Champion Role
  6. Changes to the Academy Trust Handbook 2025
  7. Social Media Day 2025
  8. How Ofsted looks at AI during inspection and regulation
  9. New DfE AI Guidance
  10. Preschool Employment tribunal for the use of WhatsApp
  11. Data Breaches 2025 Report Highlights
  12. Not everyone needs access: The Key to Protecting Sensitive Data
  13. West Lothian Schools in Cyber Attack
  14. National Honesty Day: Transparency
  15. FOI Request - BBC News
  16. Social Media and Marketing Guidelines and Training
  17. New Governor Resources
  18. Does stress lead to more data breaches?
  19. World Backup Day
  20. Are teachers using AI? 83% say its a time-saver
  21. DfE Digital Standards - narrowing the digital divide
  22. Arbor AI - On By Default
  23. DfE Guidance: Choosing a new MIS
  24. Sharing photos on World Book Day: Privacy considerations
  25. HCRG Care Group data breach
  26. The Importance of AI literacy and training staff
  27. How to verify visitors the right way
  28. Short Guide to AI Video
  29. Safer Internet Day, Cyber Security & Data Protection
  30. The Cyber Resilience Championship
  31. The Multiple Dimensions of Supplier Due Diligence
  32. School shares sensitive pupil information as part of an FOI response
  33. AI (Artificial Intelligence) Best Practice Area & Policy
  34. Blacon High School Cyber Attack
  35. WhatsApp and FOI's: ICO Warnings
  36. New AI Guidance from the DfE
  37. What the proposed Government legislative proposal around cyber crime means
  38. ICO report on AI tools in recruitment
  39. DfE update to record keeping and management
  40. Update to data sharing for school immunisation programmes
  41. Early Years Settings and Cyber Security
  42. SLT Digital Lead Profile
  43. The role of governors in cyber security and data protection
  44. Navigating Privacy at the End of Term , Special Occasions and End of Year
  45. Contracts Register
  46. DfE Digital Standards Autumn Update
  47. The importance of knowing how to access your CCTV footage!
  48. Cyber Attack on a Special School
  49. Stealing children's data
  50. What is dark data? (and why does it matter?)
  51. Ofqual highlights the value of cyber security training in schools
  52. Searching for data when you receive a Subject Access Request
  53. Fylde Coast Academy Trust Cyber Attack This Week
  54. Calling all IT leads in schools and mult academy trusts!
  55. Ransomware cyber attack on a school in Bromley
  56. Join Our Social Media Family!
  57. School hit by Cyber Attack
  58. Cyber Security Best Practice Area
  59. DfE Digital Standards for Schools and Colleges Tracker
  60. New Policies, Documents, Letters and Posters page
  61. Schools and Trusts Best Practice Area
  62. The DPE Retention Schedule
  63. Making the Rounds Update (now includes reporting)
  64. ESFA Cyber Essentials Requirement for Colleges from 2024/2025
  65. ICO Reprimands a School
  66. Out of date technology
  67. Data Retention and the Pupil File
  68. Have you assigned your SLT Digital Lead yet?
  69. Getting Started with AI (Artificial Intelligence)
  70. Cyber attack on a school during half term
  71. Update to the DfE Digital Cyber Security Standards for Schools and Colleges (May 2024)
  72. The rise of cyber attacks in schools are causing pupils to miss classes
  73. ICO: Learning from the mistakes of others report
  74. Cyber attack on a Trust; the aftermath
  75. School Focus: The Vale Federation | Aylesbury
  76. DfE Dealing with Subject Access Requests (SARs) Guidance
  77. Update to the Guidance on Information Sharing from the DfE
  78. FOI Requests generated by Artificial Intelligence
  79. Social Media Best Practice Area
  80. Lettings Best Practice Area
  81. Appropriate filtering and monitoring definitions
  82. MFA Bombing - What is it?
  83. Protecting your Social Media Accounts
  84. Why we recommend using checklists
  85. Product Focus on Checklists : Initial Trust Plan
  86. Product Focus on Checklists : End of Term Checklist
  87. Product Focus on Checklists : Information and Cyber Security
  88. Product Focus on Checklists : Social Media
  89. Product Focus on Checklists : Lettings
  90. Product Focus on Checklists : Record of Processing
  91. Milk Island: The secret location that allows children to view restricted content on Google Maps
  92. Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
  93. Product Focus on Checklists : Data Retention and Destruction
  94. Product Focus on Checklists : Data Migration
  95. Product Focus on Checklists : Biometrics
  96. Product Focus on Checklists : Supplier Due Diligence
  97. Free Cyber help, advice and training with the Cyber Resilience Centres
  98. The Perils of Paper: The Printing Vulnerability
  99. Product Focus on Checklists : FOI
  100. Product Focus on Checklists : Governors and Data
  101. Product Focus on Checklists : DPIA
  102. Product Focus on Checklists : Site Moves
  103. Product Focus on Checklists : Data Breaches
  104. Product Focus on Checklists : Subject Access Requests
  105. Product Focus on Checklists : Bring your own device
  106. Product Focus on Checklists : Working out of school/offsite
  107. Cyber Attack on a School
  108. Product Focus on Checklists : Redaction
  109. Why Due Diligence is Important: Fake apps
  110. Product Focus on Checklists : CCTV
  111. Product Focus on Checklists : Clear desk
  112. Product Focus on Checklists : Commitment to compliance
  113. Product Focus on Checklists : Photos and video
  114. Product Focus on Checklists : Passwords
  115. Product Focus on Checklists : Information Classification
  116. Free cyber training for staff
  117. DfE Digital Standards Update
  118. The Mother of all Breaches
  119. International Data Transfers (part 1): Navigating Cross-Border Data Transfers: Understanding EU SCCs, UK Addendum, and UK IDTA
  120. ClassCharts Possible Data Breach
  121. Where is your data stored?
  122. IAPP looks at AI privacy risks
  123. If you suspect a financial scam .....
  124. School Focus: St Bernadette's Catholic Primary School | Brighton
  125. Guardians of Privacy: 16. Social Media Checklist
  126. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  127. Guardians of Privacy: 14. Social Media and Cyber Bullying
  128. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  129. Guardians of Privacy: 12. Social Media and Going Viral
  130. Guardians of Privacy: 11. Staff Social Media Accounts
  131. Guardians of Privacy: 10. Social Media and Cookies
  132. Guardians of Privacy: 9. Social Media and Morality
  133. New Resources for Schools from the ICO
  134. Guardians of Privacy: 8. Social Media Policies
  135. Guardians of Privacy: 7. Social Media Data Retention
  136. Guardians of Privacy: 6. Posting Safely
  137. Guardians of Privacy: 5. Social Media and Consent
  138. Guardians of Privacy: 4. Social Media Access Control
  139. Guardians of Privacy: 3. Social Media Channels
  140. Guardians of Privacy: 2. Law and Regulations
  141. Guardians of Privacy: 1. Social media, privacy and children
  142. The ICO reprimands a Multi Academy Trust
  143. KCSIE: Filtering, Monitoring and Privacy
  144. Guidance for the use of school email and applying email retention in schools
  145. Data Protection Tips for Early Years Settings
  146. Children's Privacy around the world is a puzzle
  147. Trust Initial Plan Checklist Update
  148. Records Management Best Practice Update
  149. Governors and Data Best Practice Area Update
  150. What do I need to redact?
  151. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  152. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  153. Lettings Best Practice and Guidance
  154. Considerations when migrating to a new MIS
  155. Public bodies and sensitive data
  156. Get a DPE Badge for your website!
  157. ICO: 10 Step guide to sharing information to safeguard children
  158. Help after a Cyber Attack/Incident
  159. Data Protection and Cyber Security (Inset Day) Training Ideas
  160. How KCSIE is linked to Cyber Strategy
  161. Handling Freedom of Information Requests the right way
  162. Where's Harry the Hacker?
  163. The ICO Reprimands a school
  164. Redaction Guidelines Updated
  165. Using WhatsApp in Schools
  166. How to contact us for support, subject access requests, data breaches and FOI's
  167. FOI: Reinforced Autoclaved Aerated Concrete
  168. FOI: Henry Jackson Society
  169. FOI: Vaccination Justifications
  170. How the Record of Processing Can Help You
  171. What does a Data Protection Officer Do?
  172. Carrying out Supplier Due Diligence
  173. How Long Should You Keep Personal Data For?
  174. B&H FoI: Racist/religious incidents/bullying
  175. Protocol for Setting Up and Delivery of Online Teaching and Learning
  176. Class Dojo International Data Sharing
  177. Model Publication Scheme: Amendments, Improvements and Updates
  178. Transparency
  179. Parents and students covertly recording conversations
  180. SAR? ER? FOI?
  181. Research projects and GDPR
  182. Secure file transfer of files using Royal Mail
  183. Emergency contacts and consent
  184. Key elements of a successful DPIA
  185. FOI Publication Schemes
  186. Best Practice for Managing Photos and Video
  187. New Drip Feeds: Recognise and Respond to Subject Access Request
  188. When to contact the Data Protection Officer?
  189. National child measurement programme
  190. Make sure DPE is your registered DPO with the ICO
  191. Headteacher fined for breach of data protection legislation
  192. Acceptable Use Policy
©2025 Data Protection Education Ltd.

Search