Best Practice Update

    You are here:  
  1. Home
  2. Best Practice Update
A vibrant, graphic image with a deep blue background announces "POLICY UPDATES" in large, white lettering. Below this, smaller text reads: "Our latest document and policy updates are now available!" To the right, a list under the heading "New documents:" highlights two items: Data Rights Complaints Process Subject Access Request Clarification Template A prominent 3D icon in the center shows a large magnifying glass with an orange handle and a blue head, focusing on a white and blue shield. The shield has an orange checkmark in its center. The bottom right corner features a logo for "DATA PROTECTION EDUCATION".
Best Practice Updates

September 2025 Policy and Document Updates

We've updated and added some new policies, including the Data Protection Policy, Model Redaction Guidelines, Data Rights Complaints Process, Freedom of Information Policy, SAR Procedure Template, SAR Response Template, Subject Access Request Clarification Template.  This article shows an amendments made to the documents.

Read more …

A blue graphic with three children peering over a dark blue banner. The banner has white text that reads "Back to School Basics: Data Protection & Cyber Security." To the left of the text is a stack of school books with a red apple on top. To the right is a laptop displaying a logo with the text "Data Protection Education."
Best Practice Updates

Back to School Basics for Data Protection and Cyber Security Compliance

As schools begin to welcome back students, staff and new joiners, the focus is on the new academic year: curriculum planning, safeguarding and operational logistics.  An equally critical and statutory area that demands attention is data protection and cyber security compliance.  Adhering to data protection law isn't just about avoiding fines; it's about protecting sensitive personal data of children, their families and staff.

Read more …

A detailed flowchart titled "Accountability Framework" showing how the ICO (Information Commissioner's Office) framework and DfE (Department for Education) Digital Standard Trackers align. The central hub is "Accountability Framework" with ten radiating branches, each representing a key area: Leadership & Oversight, Risk Management, Policies & Procedures, Individual Rights, Response & Enforcement, Monitoring Verification & Reporting, Transparency, Records Management & Security, Contracts & Data Sharing, and Training & Awareness. Each branch connects to a box labeled "DfE Digital Standard Trackers," with several icons and checklist boxes underneath. The bottom of the image lists various tools and resources, including "Best Practice Library," "Retention Schedule," "Phishing simulations," "Risk Register," and "Accountability Tracker," which are all linked to the main framework. The overall image illustrates a comprehensive system for achieving and tracking data protection compliance in an educational setting.
Best Practice Updates

Building a Secure School: Using the ICO Accountability Framework to Meet DfE Digital Standards

The ICO Accountability Framework is a crucial tool for any organisation handling personal data, providing a structured approach to data protection compliance. When applied to the Department for Education (DfE) Digital Standards, it becomes a powerful mechanism for schools and trusts to ensure their technology and data practices are not only efficient but also legally compliant and secure.

Read more …

A diverse group of smiling children, framed within a large, brightly colored, rainbow-hued shield held by two hands at the bottom. The shield appears to shimmer with light. There are seven children visible within the shield, all looking directly at the viewer with happy expressions. The background is a soft, light blue.
Best Practice Updates

Safeguarding Smiles & Social Media!

As the academic year draws to a close, schools eagerly prepare to celebrate the achievements and fond memories of their students with end of year events. Sports days, graduation ceremonies, academic achievements, leavers events - these occasions are a highlight for pupils, staff and parents and sharing on social  media often seems like the obvious way to share that information and celebration.

Read more …

  1. Preschool Employment tribunal for the use of WhatsApp
  2. Data Breaches 2025 Report Highlights
  3. Not everyone needs access: The Key to Protecting Sensitive Data
  4. West Lothian Schools in Cyber Attack
  5. National Honesty Day: Transparency
  6. FOI Request - BBC News
  7. Social Media and Marketing Guidelines and Training
  8. New Governor Resources
  9. Does stress lead to more data breaches?
  10. World Backup Day
  11. Are teachers using AI? 83% say its a time-saver
  12. DfE Digital Standards - narrowing the digital divide
  13. Arbor AI - On By Default
  14. DfE Guidance: Choosing a new MIS
  15. Sharing photos on World Book Day: Privacy considerations
  16. HCRG Care Group data breach
  17. The Importance of AI literacy and training staff
  18. How to verify visitors the right way
  19. Short Guide to AI Video
  20. Safer Internet Day, Cyber Security & Data Protection
  21. The Cyber Resilience Championship
  22. The Multiple Dimensions of Supplier Due Diligence
  23. School shares sensitive pupil information as part of an FOI response
  24. AI (Artificial Intelligence) Best Practice Area & Policy
  25. Blacon High School Cyber Attack
  26. WhatsApp and FOI's: ICO Warnings
  27. New AI Guidance from the DfE
  28. What the proposed Government legislative proposal around cyber crime means
  29. ICO report on AI tools in recruitment
  30. DfE update to record keeping and management
  31. Update to data sharing for school immunisation programmes
  32. Early Years Settings and Cyber Security
  33. SLT Digital Lead Profile
  34. The role of governors in cyber security and data protection
  35. Navigating Privacy at the End of Term , Special Occasions and End of Year
  36. Contracts Register
  37. DfE Digital Standards Autumn Update
  38. The importance of knowing how to access your CCTV footage!
  39. Cyber Attack on a Special School
  40. Stealing children's data
  41. What is dark data? (and why does it matter?)
  42. Ofqual highlights the value of cyber security training in schools
  43. Searching for data when you receive a Subject Access Request
  44. Fylde Coast Academy Trust Cyber Attack This Week
  45. Calling all IT leads in schools and mult academy trusts!
  46. Ransomware cyber attack on a school in Bromley
  47. Join Our Social Media Family!
  48. School hit by Cyber Attack
  49. Cyber Security Best Practice Area
  50. DfE Digital Standards for Schools and Colleges Tracker
  51. New Policies, Documents, Letters and Posters page
  52. Schools and Trusts Best Practice Area
  53. The DPE Retention Schedule
  54. Making the Rounds Update (now includes reporting)
  55. ESFA Cyber Essentials Requirement for Colleges from 2024/2025
  56. ICO Reprimands a School
  57. Out of date technology
  58. Data Retention and the Pupil File
  59. Have you assigned your SLT Digital Lead yet?
  60. Getting Started with AI (Artificial Intelligence)
  61. Cyber attack on a school during half term
  62. Update to the DfE Digital Cyber Security Standards for Schools and Colleges (May 2024)
  63. The rise of cyber attacks in schools are causing pupils to miss classes
  64. ICO: Learning from the mistakes of others report
  65. Cyber attack on a Trust; the aftermath
  66. School Focus: The Vale Federation | Aylesbury
  67. DfE Dealing with Subject Access Requests (SARs) Guidance
  68. Update to the Guidance on Information Sharing from the DfE
  69. FOI Requests generated by Artificial Intelligence
  70. Social Media Best Practice Area
  71. Lettings Best Practice Area
  72. Appropriate filtering and monitoring definitions
  73. MFA Bombing - What is it?
  74. Protecting your Social Media Accounts
  75. Why we recommend using checklists
  76. Product Focus on Checklists : Initial Trust Plan
  77. Product Focus on Checklists : End of Term Checklist
  78. Product Focus on Checklists : Information and Cyber Security
  79. Product Focus on Checklists : Social Media
  80. Product Focus on Checklists : Lettings
  81. Product Focus on Checklists : Record of Processing
  82. Milk Island: The secret location that allows children to view restricted content on Google Maps
  83. Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
  84. Product Focus on Checklists : Data Retention and Destruction
  85. Product Focus on Checklists : Data Migration
  86. Product Focus on Checklists : Biometrics
  87. Product Focus on Checklists : Supplier Due Diligence
  88. Free Cyber help, advice and training with the Cyber Resilience Centres
  89. The Perils of Paper: The Printing Vulnerability
  90. Product Focus on Checklists : FOI
  91. Product Focus on Checklists : Governors and Data
  92. Product Focus on Checklists : DPIA
  93. Product Focus on Checklists : Site Moves
  94. Product Focus on Checklists : Data Breaches
  95. Product Focus on Checklists : Subject Access Requests
  96. Product Focus on Checklists : Bring your own device
  97. Product Focus on Checklists : Working out of school/offsite
  98. Cyber Attack on a School
  99. Product Focus on Checklists : Redaction
  100. Why Due Diligence is Important: Fake apps
  101. Product Focus on Checklists : CCTV
  102. Product Focus on Checklists : Clear desk
  103. Product Focus on Checklists : Commitment to compliance
  104. Product Focus on Checklists : Photos and video
  105. Product Focus on Checklists : Passwords
  106. Product Focus on Checklists : Information Classification
  107. Free cyber training for staff
  108. DfE Digital Standards Update
  109. The Mother of all Breaches
  110. International Data Transfers (part 1): Navigating Cross-Border Data Transfers: Understanding EU SCCs, UK Addendum, and UK IDTA
  111. ClassCharts Possible Data Breach
  112. Where is your data stored?
  113. IAPP looks at AI privacy risks
  114. If you suspect a financial scam .....
  115. School Focus: St Bernadette's Catholic Primary School | Brighton
  116. Guardians of Privacy: 16. Social Media Checklist
  117. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  118. Guardians of Privacy: 14. Social Media and Cyber Bullying
  119. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  120. Guardians of Privacy: 12. Social Media and Going Viral
  121. Guardians of Privacy: 11. Staff Social Media Accounts
  122. Guardians of Privacy: 10. Social Media and Cookies
  123. Guardians of Privacy: 9. Social Media and Morality
  124. New Resources for Schools from the ICO
  125. Guardians of Privacy: 8. Social Media Policies
  126. Guardians of Privacy: 7. Social Media Data Retention
  127. Guardians of Privacy: 6. Posting Safely
  128. Guardians of Privacy: 5. Social Media and Consent
  129. Guardians of Privacy: 4. Social Media Access Control
  130. Guardians of Privacy: 3. Social Media Channels
  131. Guardians of Privacy: 2. Law and Regulations
  132. Guardians of Privacy: 1. Social media, privacy and children
  133. The ICO reprimands a Multi Academy Trust
  134. KCSIE: Filtering, Monitoring and Privacy
  135. Guidance for the use of school email and applying email retention in schools
  136. Data Protection Tips for Early Years Settings
  137. Children's Privacy around the world is a puzzle
  138. Trust Initial Plan Checklist Update
  139. Records Management Best Practice Update
  140. Governors and Data Best Practice Area Update
  141. What do I need to redact?
  142. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  143. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  144. Lettings Best Practice and Guidance
  145. Considerations when migrating to a new MIS
  146. Public bodies and sensitive data
  147. Get a DPE Badge for your website!
  148. ICO: 10 Step guide to sharing information to safeguard children
  149. Help after a Cyber Attack/Incident
  150. Data Protection and Cyber Security (Inset Day) Training Ideas
  151. How KCSIE is linked to Cyber Strategy
  152. Handling Freedom of Information Requests the right way
  153. Where's Harry the Hacker?
  154. The ICO Reprimands a school
  155. Redaction Guidelines Updated
  156. Using WhatsApp in Schools
  157. How to contact us for support, subject access requests, data breaches and FOI's
  158. FOI: Reinforced Autoclaved Aerated Concrete
  159. FOI: Henry Jackson Society
  160. FOI: Vaccination Justifications
  161. How the Record of Processing Can Help You
  162. What does a Data Protection Officer Do?
  163. Carrying out Supplier Due Diligence
  164. How Long Should You Keep Personal Data For?
  165. B&H FoI: Racist/religious incidents/bullying
  166. Protocol for Setting Up and Delivery of Online Teaching and Learning
  167. Class Dojo International Data Sharing
  168. Model Publication Scheme: Amendments, Improvements and Updates
  169. Transparency
  170. SAR? ER? FOI?
  171. Research projects and GDPR
  172. Secure file transfer of files using Royal Mail
  173. Emergency contacts and consent
  174. Key elements of a successful DPIA
  175. FOI Publication Schemes
  176. Best Practice for Managing Photos and Video
  177. New Drip Feeds: Recognise and Respond to Subject Access Request
  178. When to contact the Data Protection Officer?
  179. National child measurement programme
  180. Make sure DPE is your registered DPO with the ICO
  181. Headteacher fined for breach of data protection legislation
  182. Acceptable Use Policy
©2025 Data Protection Education Ltd.

Search