The Trust Initial Plan Checklist has been updated to include a notes area for each section. This will allow you to record any ongoing tasks or actions for each section.

An updated version of the Data Retention Workshop Powerpoint slides has been uploaded to the Records Management Best Practice Area:

The Governors and Data Best Practice area has been updated with some new content from the Norfolk and Suffolk Constabularies.  There is a training video: 'Protecting Yourself and Your School from Cybercrime' and a pdf of the slides from the video. There is input for school governors to highlight the risks presented by cyber crime and the resources and support available to help you improve your organisation's cyber security.

We are often asked to help and advise when it comes to redaction as part of a subject access request.

We launched our Schools Best Practice area at the beginning of this term which includes specific guides and support for schools.  There is also a specific area for Trusts and the Central Team.  The Trusts Central Team section is a specific area for additional requirements and guidance for the central team of a trust and should be used in conjunction with the other tabs in the best practice area.  

Google have recently published some guidance to help IT admins meet the DfE digital and technology standards in schools and colleges.  The guidance takes all of the standards in the Meeting digital and technlogy standards in schools and colleges document and offers advice around the use of Google products in applying the standards.

During our data walks we are looking at data breach risks, in terms of 'Who has access to what data?'.  As part of our walk we may ask who has access to the school other than the employees and children attending, for example, Lettings.  As Lettings usually occur outside of the school working day, physical security can be overlooked or not thought about and so raises the risk of a data breach.  This article is launching our Lettings Checklist for schools which is shown at the end o

Moving MIS is a daunting task and is no small undertaking for a school. Moving to the cloud from a legacy system means that there are cyber security benefits but may be something new to your organisation. There is often the assumption that the new MIS porvider will seamlessly migrate the data for you, however there is a considerable amount of work that the school must do beforehand in order to make this happen.  This article provides some practical guidance and considerations.

Computing Magazine recently reported about the ICO reprimanding seven organisation for domestic abuse breaches in the last 14 months.  A collection of public bodies, charitable organisations, law enforcers and lawyers have made personal data slips when handling domestic abuse cases in the last year, showig abusers where to find their victim is hiding.

We've added a Data Protection Officer badge for your website, or to print out!

These can be used to demonstrate your commitment to compliance with data protection legislation and best practice.

The ICO have published a 10 step guide to sharing information to safeguard children or young people from physical, emotional or mental harm. 

The new guidance addresses concerns from organisations and frontline workers that may be scared to share information for fear of falling foul of data protection law.

The time following a cyber attack can be very stressful, and in the heat of the moment it can be difficult to know what the best thing to do between working out what went wrong, how to recover and what went missing, it can be hard to know where to start first.

We provide some help and guidance in our Information and Cyber Security Best Practice Area, which also includes the checklist:  document What to do immediately after a Cyber Attack (58 KB) .