News

Join us for our latest podcast episode breaking down the key changes introduced by the UK's new Data (Use and Access) Act (DUAA), explaining its phased rollout and objectives.

It clarifies that the Act amends, rather than replaces, existing data protection laws like the UK GDPR and Data Protection Act 2018. The discussion covers the shift from the ICO to the Information Commission, the introduction of 'Recognised Legitimate Interests' as a lawful basis for processing data, refined

When will the Data Use and Access Bill become law?

The UK's data governance is undergoing change with the Data (Use and Access) Act (DUAA) receiving Royal Ascent and passing onto the statue books on 19th June 2025. Though it is becoming law, additional guidance is yet to emerge on the detail - some of the Act's provisions need a commencement order to take effect, with the next one expected on October 1, 2025. However, some parts of the Act will come into force imme

📢📢 Our MAT Conference is coming in 2026...... Save the date!


More information can be found about our speakers and the venue, Woodland Grange, Leamington Spa here 👉

DPE MAT Conference 2026

Speakers from the ICO, DfE and the Chief Commissioner - Data and Marketing Commission.

And of course a DPE goody bag! 🛍️

Join us for our first DPE podcast! Data Protection Training for School Staff

This podcast episode provides an overview of the Data Protection Education's 2024 training update, focusing on the legal framework and practical guidance for data protection in the workplace. The discussion covers key definitions like UK GDPR, Data Controller, Data Processor, Personal Data, and Data Protection Officer. It also highlights the importance of data protection in preventing breaches and fostering a strong

🤖 📢  The DfE has issued some training and guidance about the use of AI in Education.  The guidance aims to help educators safely and effectively use AI to enhance the classroom experience and reduce teacher workload.

😎☀️ Did you know there is an increase in cyber attacks on a long weekend, half term and end of term, so a period of heightened cyber risk.  This article gives some advice about what you need to have in place - it's particularly important that you are able to monitor your network during the long Summer break.

📳What's Up with WhatsApp? WhatsApp is a regular theme in relation to SARs, FOI's, data breaches and general use as tickets into our Knowledge Bank platform.  Emma Martins, Chief Commissioner of the Data and Marketing Commission has worked with us to produce some guidance following the recent employment tribunal that was published in relation to a preschool.

Fraud is deception used to gain something valuable (money, goods, services or information) from someone else's dishonesty. We are seeing a lot of blended cyber attacks in the news currently where social engineering might then be combined with an impersonation followed by a ransomware attack, in order to take data and/or money.

The GOV.UK Cyber Security Breaches Survey 2025 is out and reveals that 43% of UK businesses and 30% of charities experienced a cyber security breach or attack in the last 12 months.  We review and highlight some key data protection points.

🚫🔒 Sensitive data requires a higher level of security under UK GDPR because of its potential to cause significant harm to individuals if it is lost, stolen or misused.  A recent case of a teacher losing their job after accessing a safeguarding report and transcribing it to her personal computer highlights the both the importance for least privilege access and continual review of access.

📢 Another school has been hit with a cyber attack which has resulted in parent contact information being breached.

📢 We've received several phishing emails from schools recently that look like they are sharing a Microsoft file or folder with us.

Framlingham College, a boarding and day school for pupils aged 3 to 18 has said it identified a 'cyber security incident'.

A group of 13 secondary schools, 69 primary schools and 61 nurseries in West Lothian have suffered a cyber attack.

🛡️🕷️ The Scattered Spider is a fast-growing group of cyber attackers currently on the attack and possibly attributed to the recent attack on M & S - they don't just break in and grab one thing, they like to cause as much chaos as possible and then ask for a ransom.

📢 This week the news has reported cyber attacks on several major UK retailers: Marks and Spencer, the Co-op and Harrods, all of which have given everyone a stark reminder of the ever-present and evolving threat of cyber crime.

🔒 It's World Password Day - a reminder to check how secure your passwords are and where you store that information.  There's a lot of password help and advice out there which can be confusing.  We highlight the basic things you need to be thinking about.

⚖️🛡️ National Honesty Day, although one day to highlight the importance of honesty, it reminds us of how importance truth is in the realms of data protection and cyber security and how it should be part of an organisation's fundamental beliefs and ethos.

This article shares advice we have given to several customers who have received an FOI request from the BBC News about conducting research into the challenges of handling harmful sexual behaviour in schools.

📢 Thinking about your training for inset days in September? Then look no further and book onto our online training sessions.

📢📱 We've updated our Social Media Best Practice Area to include more information about marketing, including a new training course.

📢🏛️ We've published some new resources for governing bodies about data protection and cyber security.  Governors can be added to our Knowledge Bank platform as part of your subscription with us at no extra charge.

😓💻  When organisations approach the end of a busy and stressful time, or as they rush to finish for a long weekend or holiday, we see a huge spike in data breaches reported to us. 

🔄☁️ Having a robust backup is being prepared against data loss and data theft.  March 31st is World Backup day to remind everyone of the importance of having a robust and accessible backup.

🤖🕒 Most meetings we are having with schools at the moment feature conversations and questions around the use of AI by staff in  organisations.  It's clear the landscape is rapidly evolving and education may not be moving as fast, however, it does help to be prepared.

💻📢 The DfE are seeking views on proposals for narrowing the digital divide in schools and colleges.  It outlines the DfE's long-term vision for narrowing the digital divide in schools and colleges.

💻 ⚠️ Arbor recently announced that it was including some AI as part of it's default configuration - some customers have raised questions about this with us.

✅📃 An MIS (management information system) is a critical part of the school's day to day operations and digital infrastructure.  They can be on premise or in the cloud, which means contract terms can differ.  We highlight the latest guidance alongside what is already data protection law - you should follow this, even if you are procuring your MIS through your local authority or third party IT provider.

📸✅ It's World Book Day on the 6th March when most schools will be celebrating reading and capturing photos of staff and students in their costumes.   Given this is one of many significant photographic events in the calendar, we thought it was a good opportunity to remind everyone of photo and video best practice.

Some of our customers have been affected by the data breach reported by the HCRG Care Group.  The group is currently investigating claims by a ransomware group that more than two terabytes of sensitive information has been breached.