Best Practice Update

A White keyboard with a blue key with white text saying Subject Access Request

DfE Dealing with Subject Access Requests (SARs) Guidance

The DfE have recently published updates to their Data Protection toolkit.  Previously there had been very little guidance in the toolkit about how to respond to Subject Access Requests.  There is now a specific section on this and an extra update about responding to other data rights requests such as changing, deleting or restricting of personal information.

Read more …

  1. Product Focus on Checklists : Social Media
  2. Product Focus on Checklists : Lettings
  3. Product Focus on Checklists : Record of Processing
  4. Milk Island: The secret location that allows children to view restricted content on Google Maps
  5. Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
  6. Product Focus on Checklists : Data Retention and Destruction
  7. Product Focus on Checklists : Data Migration
  8. Product Focus on Checklists : Biometrics
  9. Product Focus on Checklists : Supplier Due Diligence
  10. Free Cyber help, advice and training with the Cyber Resilience Centres
  11. The Perils of Paper: The Printing Vulnerability
  12. Product Focus on Checklists : FOI
  13. Product Focus on Checklists : Governors and Data
  14. Product Focus on Checklists : DPIA
  15. Product Focus on Checklists : Site Moves
  16. Product Focus on Checklists : Data Breaches
  17. Product Focus on Checklists : Subject Access Requests
  18. Product Focus on Checklists : Bring your own device
  19. Product Focus on Checklists : Working out of school/offsite
  20. Cyber Attack on a School
  21. Product Focus on Checklists : Redaction
  22. Why Due Diligence is Important: Fake apps
  23. Product Focus on Checklists : CCTV
  24. Product Focus on Checklists : Clear desk
  25. Product Focus on Checklists : Commitment to compliance
  26. Product Focus on Checklists : Photos and video
  27. Product Focus on Checklists : Passwords
  28. Product Focus on Checklists : Information Classification
  29. Free cyber training for staff
  30. DfE Digital Standards Update
  31. The Mother of all Breaches
  32. International Data Transfers (part 1): Navigating Cross-Border Data Transfers: Understanding EU SCCs, UK Addendum, and UK IDTA
  33. ClassCharts Possible Data Breach
  34. Where is your data stored?
  35. IAPP looks at AI privacy risks
  36. If you suspect a financial scam .....
  37. School Focus: St Bernadette's Catholic Primary School | Brighton
  38. Guardians of Privacy: 16. Social Media Checklist
  39. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  40. Guardians of Privacy: 14. Social Media and Cyber Bullying
  41. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  42. Guardians of Privacy: 12. Social Media and Going Viral
  43. Guardians of Privacy: 11. Staff Social Media Accounts
  44. Guardians of Privacy: 10. Social Media and Cookies
  45. Guardians of Privacy: 9. Social Media and Morality
  46. New Resources for Schools from the ICO
  47. Guardians of Privacy: 8. Social Media Policies
  48. Guardians of Privacy: 7. Social Media Data Retention
  49. Guardians of Privacy: 6. Posting Safely
  50. Guardians of Privacy: 5. Social Media and Consent
  51. Guardians of Privacy: 4. Social Media Access Control
  52. Guardians of Privacy: 3. Social Media Channels
  53. Guardians of Privacy: 2. Law and Regulations
  54. Guardians of Privacy: 1. Social media, privacy and children
  55. The ICO reprimands a Multi Academy Trust
  56. KCSIE: Filtering, Monitoring and Privacy
  57. Guidance for the use of school email and applying email retention in schools
  58. Data Protection Tips for Early Years Settings
  59. Children's Privacy around the world is a puzzle
  60. Trust Initial Plan Checklist Update
  61. Records Management Best Practice Update
  62. Governors and Data Best Practice Area Update
  63. What do I need to redact?
  64. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  65. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  66. Lettings Best Practice and Guidance
  67. Considerations when migrating to a new MIS
  68. Public bodies and sensitive data
  69. Get a DPE Badge for your website!
  70. ICO: 10 Step guide to sharing information to safeguard children
  71. Help after a Cyber Attack/Incident
  72. Data Protection and Cyber Security (Inset Day) Training Ideas
  73. How KCSIE is linked to Cyber Strategy
  74. Handling Freedom of Information Requests the right way
  75. Where's Harry the Hacker?
  76. The ICO Reprimands a school
  77. Redaction Guidelines Updated
  78. Using WhatsApp in Schools
  79. How to contact us for support, subject access requests, data breaches and FOI's
  80. FOI: Reinforced Autoclaved Aerated Concrete
  81. FOI: Henry Jackson Society
  82. FOI: Vaccination Justifications
  83. How the Record of Processing Can Help You
  84. What does a Data Protection Officer Do?
  85. Blog: Best Practice on the Retention of Child Protection Information
  86. Carrying out Supplier Due Diligence
  87. Email and retention periods
  88. How Long Should You Keep Personal Data For?
  89. Sharing this year’s Nativity play online
  90. B&H FoI: Racist/religious incidents/bullying
  91. Protocol for Setting Up and Delivery of Online Teaching and Learning
  92. Class Dojo International Data Sharing
  93. Model Publication Scheme: Amendments, Improvements and Updates
  94. Transparency
  95. Parents and students covertly recording conversations
  96. SAR? ER? FOI?
  97. Research projects and GDPR
  98. Secure file transfer of files using Royal Mail
  99. Emergency contacts and consent
  100. Key elements of a successful DPIA
  101. FOI Publication Schemes
  102. Best Practice for Managing Photos and Video
  103. New Drip Feeds: Recognise and Respond to Subject Access Request
  104. When to contact the Data Protection Officer?
  105. National child measurement programme
  106. Make sure DPE is your registered DPO with the ICO
  107. Headteacher fined for breach of data protection legislation
  108. Acceptable Use Policy

Search