Best Practice Update

Checklists in navy text by Data Protection Education. Data Protection Services badge.  The DPE Knowledge Bank on a laptop screen

Product Focus on Checklists : Bring your own device

All of our customers have access to the DPE Knowledge Bank which has a Best Practice Checklist area.  Each checklist is designed to help you walk through all aspects of data protection.
The checklist will give you an insight about where your organisation is with data protection from a data privacy and technical security perspective. The checklists form part of the Best Practice library which includes contextualised guidance, documents and resources on specific areas of data processing.  The checklists form part of the ICO Accountability Framework which helps organisations with their governance and corporate risk management where it relates to data protection.    The checklists cover all aspects of the framework, enabling you to assess against organisation baselines:

  1. Leadership & Oversight
  2. Risk Management (DPIA's)
  3. Policies & Procedures
  4. Individual Rights
  5. Contracts & Data Sharing
  6. Transparency
  7. Training & Awareness
  8. Records Management
  9. Monitoring Verification & Reporting (Data Breaches, SARs and FOI's)
  10. Response & Enforcement (SARs and FOI's)

Bring your own device

The Bring your own device checklist looks as the procedures around bringing your own device into the workplace - for schools this could be for staff or students.  It looks as best practice and questions to ask about risk and security.

If you are considering implement a BYOD policy we would also advise reviewing the Government's BYOD Guidance for creating an effective BYOD policy.

Consider reviewing the Information and Cyber Security Best Practice Area alongside the DfE Digital Standards for Schools and Colleges, filtering of student BYOD should be carefully considered inline with the Keeping Children Safe in Education 2023 documentation.

Answer a sample BYOD checklist question:

Are all staff trained on how to recognise a SAR?

Invalid Input


Amazing, you have ticked off an important item on the Subject Access Request checklist:

For further help and guidance and access to the full checklist, please contact This email address is being protected from spambots. You need JavaScript enabled to view it..




Everyone in an organisation should understand how to recognise a subject access request; it doesn't necessarily have to be requested in written form and could even be asked over social media.

Clipart cartoon with headphones on Please contact us for more help and advice about data protection compliance and cyber security standards: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice.

 


Try asking the data protection  lead, or SLT digital lead in your organisation or contact your DPO.  Is recognising a SAR part of your organisation's regular data protection training?

We can provide help and guidance with data protection compliance, cyber security standards and records management: This email address is being protected from spambots. You need JavaScript enabled to view it. including the full checklist and best practice.




DPE customers can get started on completing the Bring your own device checklist here:

Search