Registered office: 1 Saltmore Farm | New Inn Rd | Hinxworth | Baldock | SG7 5EZ  |  Telephone: 0800 0862018  |  Email: info@dataprotection.education

Why an audit?

With GDPR coming into force in May 2018, you may only just be starting to consider what is needed and how you can meet the new expectations. This is where we can help and completely remove the worry, ensuring you comply to the new regulations.
What's involved?

Our consultancy provides a detailed review of your readiness for GDPR and an action plan of what to do to ensure compliance. Whilst the audit takes several days, we need only one day in school with you and your staff.

We start with an initial telephone call to plan out the day spent with you - what information is needed and who will need to be available. This is likely to be those with operational focus,  a mixture of governance staff - the Head, the IT Manager, Business Manager, possibly Chair of Governors and other members of the senior staff with an operational focus.   

The day will be spent gathering information and also explaining why it's needed for GDPR compliance. It includes:

  • An analysis of your school's processes and procedures relating to data management, governance and risk management 
  • A full review of the information management systems in place including a high-level data inventory, to log where and how personal data is stored 
  • A review of how well you are meeting the GDPR Data Principles:
    • Transparency
    • Collection and purpose of processing
    • Consent
    • Quality and completeness
    • Data retention
  • A review if any international data transfers apply to your school
  • How ready you are to respond to a data breach
  • Your understanding of the Rights of Data Subjects, and your ability to respond to a subject access request
  • A review of awareness training and organisation-wide data protection by design
  • Roles and responsibilities, including your school's requirement for a Data Protection Officer
  • Your organisation's ability to manage a large-scale compliance project

Analysis

Our data analysis covers over 100 topics and questions about your privacy and information security framework.
 
Recommendations
Your confidential report provides a breakdown of the data analysis - showing strengths and weaknesses within the school as well as a recommended action plan to address requirements for GDPR compliance.