Best Practice Update

photo of a hand holding a phone with whatsapp on the screen. Beige background and black text: What's up with WhatsApp? Emma Martins, Chief Commissioner of the Data & Marketing Commission and Data Protection Education have teamed together to give you a comprehensive overview of the risks, recent cases and guidelines about using WhatsApp.

Preschool Employment tribunal for the use of WhatsApp

📳What's Up with WhatsApp? WhatsApp is a regular theme in relation to SARs, FOI's, data breaches and general use as tickets into our Knowledge Bank platform.  Emma Martins, Chief Commissioner of the Data and Marketing Commission has worked with us to produce some guidance following the recent employment tribunal that was published in relation to a preschool.

Read more …

AI generated photo of the back of a  computer screen with hands on a keyboard. Blue padlock with white text saying: Not everyone should have access.  White background and black text: The key to protecting sensitive data : least privilege. Recent dismissal case in Nottinghamshire

Not everyone needs access: The Key to Protecting Sensitive Data

Sensitive data requires a higher level of security under UK GDPR because of its potential to cause significant harm to individuals if it is lost, stolen or misused.  A recent case of a teacher losing their job after accessing a safeguarding report and transcribing it to her personal computer highlights the both the importance for least privilege access and continual review of access.

Read more …

  1. DfE Digital Standards - narrowing the digital divide
  2. Arbor AI - On By Default
  3. DfE Guidance: Choosing a new MIS
  4. Sharing photos on World Book Day: Privacy considerations
  5. HCRG Care Group data breach
  6. DPE MAT Conference 2026 - Save the Date!
  7. The Importance of AI literacy and training staff
  8. How to verify visitors the right way
  9. Short Guide to AI Video
  10. Safer Internet Day, Cyber Security & Data Protection
  11. The Cyber Resilience Championship
  12. The Multiple Dimensions of Supplier Due Diligence
  13. New Data Protection Fees
  14. School shares sensitive pupil information as part of an FOI response
  15. AI (Artificial Intelligence) Best Practice Area & Policy
  16. Blacon High School Cyber Attack
  17. WhatsApp and FOI's: ICO Warnings
  18. New AI Guidance from the DfE
  19. What the proposed Government legislative proposal around cyber crime means
  20. DPE Webinar Schedule
  21. ICO report on AI tools in recruitment
  22. DfE update to record keeping and management
  23. Update to data sharing for school immunisation programmes
  24. Early Years Settings and Cyber Security
  25. SLT Digital Lead Profile
  26. The role of governors in cyber security and data protection
  27. Navigating Privacy at the End of Term , Special Occasions and End of Year
  28. Contracts Register
  29. DfE Digital Standards Autumn Update
  30. The importance of knowing how to access your CCTV footage!
  31. Cyber Attack on a Special School
  32. Stealing children's data
  33. What is dark data? (and why does it matter?)
  34. Ofqual highlights the value of cyber security training in schools
  35. Searching for data when you receive a Subject Access Request
  36. Fylde Coast Academy Trust Cyber Attack This Week
  37. Calling all IT leads in schools and mult academy trusts!
  38. Ransomware cyber attack on a school in Bromley
  39. The Data Protection Lead/Champion Role
  40. Join Our Social Media Family!
  41. School hit by Cyber Attack
  42. New Academic Year Kick-Off!
  43. Cyber Security Best Practice Area
  44. DfE Digital Standards for Schools and Colleges Tracker
  45. New Policies, Documents, Letters and Posters page
  46. Schools and Trusts Best Practice Area
  47. The DPE Retention Schedule
  48. Making the Rounds Update (now includes reporting)
  49. ESFA Cyber Essentials Requirement for Colleges from 2024/2025
  50. ICO Reprimands a School
  51. Navigating Privacy at the End of Term , Special Occasions and End of Year
  52. Out of date technology
  53. Data Retention and the Pupil File
  54. Have you assigned your SLT Digital Lead yet?
  55. Getting Started with AI (Artificial Intelligence)
  56. Cyber attack on a school during half term
  57. Update to the DfE Digital Cyber Security Standards for Schools and Colleges (May 2024)
  58. The rise of cyber attacks in schools are causing pupils to miss classes
  59. ICO: Learning from the mistakes of others report
  60. Cyber attack on a Trust; the aftermath
  61. School Focus: The Vale Federation | Aylesbury
  62. DfE Dealing with Subject Access Requests (SARs) Guidance
  63. Update to the Guidance on Information Sharing from the DfE
  64. FOI Requests generated by Artificial Intelligence
  65. Social Media Best Practice Area
  66. Lettings Best Practice Area
  67. Appropriate filtering and monitoring definitions
  68. MFA Bombing - What is it?
  69. Protecting your Social Media Accounts
  70. Why we recommend using checklists
  71. Product Focus on Checklists : Initial Trust Plan
  72. Product Focus on Checklists : End of Term Checklist
  73. Product Focus on Checklists : Information and Cyber Security
  74. Product Focus on Checklists : Social Media
  75. Product Focus on Checklists : Lettings
  76. Product Focus on Checklists : Record of Processing
  77. Milk Island: The secret location that allows children to view restricted content on Google Maps
  78. Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
  79. Product Focus on Checklists : Data Retention and Destruction
  80. Product Focus on Checklists : Data Migration
  81. Product Focus on Checklists : Biometrics
  82. Product Focus on Checklists : Supplier Due Diligence
  83. Free Cyber help, advice and training with the Cyber Resilience Centres
  84. The Perils of Paper: The Printing Vulnerability
  85. Product Focus on Checklists : FOI
  86. Product Focus on Checklists : Governors and Data
  87. Product Focus on Checklists : DPIA
  88. Product Focus on Checklists : Site Moves
  89. Product Focus on Checklists : Data Breaches
  90. Product Focus on Checklists : Subject Access Requests
  91. Product Focus on Checklists : Bring your own device
  92. Product Focus on Checklists : Working out of school/offsite
  93. Cyber Attack on a School
  94. Product Focus on Checklists : Redaction
  95. Why Due Diligence is Important: Fake apps
  96. Product Focus on Checklists : CCTV
  97. Product Focus on Checklists : Clear desk
  98. Product Focus on Checklists : Commitment to compliance
  99. Product Focus on Checklists : Photos and video
  100. Product Focus on Checklists : Passwords
  101. Product Focus on Checklists : Information Classification
  102. Free cyber training for staff
  103. DfE Digital Standards Update
  104. The Mother of all Breaches
  105. International Data Transfers (part 1): Navigating Cross-Border Data Transfers: Understanding EU SCCs, UK Addendum, and UK IDTA
  106. ClassCharts Possible Data Breach
  107. Where is your data stored?
  108. IAPP looks at AI privacy risks
  109. If you suspect a financial scam .....
  110. School Focus: St Bernadette's Catholic Primary School | Brighton
  111. Guardians of Privacy: 16. Social Media Checklist
  112. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  113. Guardians of Privacy: 14. Social Media and Cyber Bullying
  114. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  115. Guardians of Privacy: 12. Social Media and Going Viral
  116. Guardians of Privacy: 11. Staff Social Media Accounts
  117. Guardians of Privacy: 10. Social Media and Cookies
  118. Guardians of Privacy: 9. Social Media and Morality
  119. New Resources for Schools from the ICO
  120. Guardians of Privacy: 8. Social Media Policies
  121. Guardians of Privacy: 7. Social Media Data Retention
  122. Guardians of Privacy: 6. Posting Safely
  123. Guardians of Privacy: 5. Social Media and Consent
  124. Guardians of Privacy: 4. Social Media Access Control
  125. Guardians of Privacy: 3. Social Media Channels
  126. Guardians of Privacy: 2. Law and Regulations
  127. Guardians of Privacy: 1. Social media, privacy and children
  128. The ICO reprimands a Multi Academy Trust
  129. KCSIE: Filtering, Monitoring and Privacy
  130. Guidance for the use of school email and applying email retention in schools
  131. Data Protection Tips for Early Years Settings
  132. Children's Privacy around the world is a puzzle
  133. Trust Initial Plan Checklist Update
  134. Records Management Best Practice Update
  135. Governors and Data Best Practice Area Update
  136. What do I need to redact?
  137. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  138. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  139. Lettings Best Practice and Guidance
  140. Considerations when migrating to a new MIS
  141. Public bodies and sensitive data
  142. Get a DPE Badge for your website!
  143. ICO: 10 Step guide to sharing information to safeguard children
  144. Help after a Cyber Attack/Incident
  145. Data Protection and Cyber Security (Inset Day) Training Ideas
  146. How KCSIE is linked to Cyber Strategy
  147. Handling Freedom of Information Requests the right way
  148. Where's Harry the Hacker?
  149. The ICO Reprimands a school
  150. Subject Access Requests (SARs)
  151. Redaction Guidelines Updated
  152. Using WhatsApp in Schools
  153. How to contact us for support, subject access requests, data breaches and FOI's
  154. FOI: Reinforced Autoclaved Aerated Concrete
  155. FOI: Henry Jackson Society
  156. FOI: Vaccination Justifications
  157. How the Record of Processing Can Help You
  158. What does a Data Protection Officer Do?
  159. Blog: Best Practice on the Retention of Child Protection Information
  160. Carrying out Supplier Due Diligence
  161. Email and retention periods
  162. How Long Should You Keep Personal Data For?
  163. Sharing this year’s Nativity play online
  164. B&H FoI: Racist/religious incidents/bullying
  165. Protocol for Setting Up and Delivery of Online Teaching and Learning
  166. Class Dojo International Data Sharing
  167. Model Publication Scheme: Amendments, Improvements and Updates
  168. Transparency
  169. Parents and students covertly recording conversations
  170. SAR? ER? FOI?
  171. Research projects and GDPR
  172. Secure file transfer of files using Royal Mail
  173. Emergency contacts and consent
  174. Key elements of a successful DPIA
  175. FOI Publication Schemes
  176. Best Practice for Managing Photos and Video
  177. New Drip Feeds: Recognise and Respond to Subject Access Request
  178. When to contact the Data Protection Officer?
  179. National child measurement programme
  180. Make sure DPE is your registered DPO with the ICO
  181. Headteacher fined for breach of data protection legislation

Search