Photo of blocks and notepads with the words, honesty, integrity, values and ethics in red ink. Above the photo in white on black: National Honesty Day: How transparent is your organisation?

⚖️🛡️ National Honesty Day, although one day to highlight the importance of honesty, it reminds us of how importance truth is in the realms of data protection and cyber security and how it should be part of an organisation's fundamental beliefs and ethos.
Photo of glasses, the letters 'FOIA' in red, Freedom of information black text on white background.  BBC News Reporter request, DAta Protection Education DPO badge

This article shares advice we have given to several customers who have received an FOI request from the BBC News about conducting research into the challenges of handling harmful sexual behaviour in schools.
Ludo pieces on a board on white background. Blue text: New Governor resources, Governors: data protection & cyber security course, governance frameworks: data protection, cyber governance code of practice. Data Protection Education logo and DPO services badge

📢🏛️ We've published some new resources for governing bodies about data protection and cyber security.  Governors can be added to our Knowledge Bank platform as part of your subscription with us at no extra charge.

ICO poster: Black and white photo image of a lady and text: "I had to move my kids out of school'. Black text on white background: Does stress lead to data breaches? Ripple Effect . Data Protection Education logo

😓💻  When organisations approach the end of a busy and stressful time, or as they rush to finish for a long weekend or holiday, we see a huge spike in data breaches reported to us. 
Transparent image of a teacher at the front of a class teaching children.  Robot holding AI in blue letters. Text in blue and black: 83% teacher say AI is a time saver. Data Protection Education logo

🤖🕒 Most meetings we are having with schools at the moment feature conversations and questions around the use of AI by staff in  organisations.  It's clear the landscape is rapidly evolving and education may not be moving as fast, however, it does help to be prepared.
Image of a young child on a computer. Blue text: Narrowing the digital divide. White text on navy background: DfE Consultation. Data Protection Education

💻📢 The DfE are seeking views on proposals for narrowing the digital divide in schools and colleges.  It outlines the DfE's long-term vision for narrowing the digital divide in schools and colleges.

Robot hand pointing to opt out check box. Arbor AI in orange text, On by default in white text. Data Protection Education logo. Blue background

💻 ⚠️ Arbor recently announced that it was including some AI as part of it's default configuration - some customers have raised questions about this with us.
Background photo of digital folders around a shield in blue and white. A bag of money in a trolley. Text says procuring a new MIS. Data Protection Education logo

✅📃 An MIS (management information system) is a critical part of the school's day to day operations and digital infrastructure.  They can be on premise or in the cloud, which means contract terms can differ.  We highlight the latest guidance alongside what is already data protection law - you should follow this, even if you are procuring your MIS through your local authority or third party IT provider.

Text: HCRG Data Breach. Photo of a hand coming out of a laptop holding a red key

Some of our customers have been affected by the data breach reported by the HCRG Care Group.  The group is currently investigating claims by a ransomware group that more than two terabytes of sensitive information has been breached.
Photo of a white humanoid robot looking at a tablet screen with text. AI in orange letters on blue background. Literacy in white text on black background. Data Protection Education logo below the word Literacy

🤖✅There is no doubt that AI is here to stay as it transforms organisations by helping to automate tasks, increase productivity and efficiency while influencing decision making.  However: "With great power comes great responsibility".
blue text a quick guide to: AI in black text. Blue robot dog. Data Protection education logo

🎥🤖  Some of the organisations we are talking to are a little confused about AI, whether they should use it and if their staff already are using it or not.  We've put together a short video explaining the different types of AI, the risks and how you should start documenting your use.
Safer Internet Day official art work, coloured orange and blue text: Safer Internet Day, Cyber Security, Data Protection. Data Protection Education logo

🛡️🔒We couldn't get through today without mentioning it's Safer Internet Day today (11th February).  And while we don't need a special day to talk about being safe online, cyber security and data protection, we welcome any chance to highlight how important they all are.
Photo of red boxing gloves.  White text that says cyber resilience championship. DfE Digital Standards vs Cyber Essentials. Data Protection Education Logo

🏆🥊🛡️When we meet with schools we are often asked whether we think they should be looking at the DfE Digital Standards or Cyber Essentials, aren't they the same?

Photo image of a finger pointing to a cog on a digital hexagon.  Text in blue: The multiple dimensions of. Text in white: Supplier Due Diligence. Data Protection Education logo.

✅ 🔒 Organisation's rely heavily on third-party software suppliers for day to day business.  We explore the critical aspects of software supplier due diligence and why it should be a priority for every organisation.

WhatsApp icon on a mobile phone, blue text of Freedom of Information. Data Protection Education logo

📲💬 We come across many organisations using WhatsApp as a communication tool with staff regularly and have previously highlighted some of the risks.  The ICO have recently published information about a case where WhatsApp messages had to be included in a Freedom of Information Request.
Photo of an empty classroom with a computer generated head image on the board at the back. Data Protection Education logo. Text in black: New AI Guidance from the DfE

📢📢 The DfE has recently published new guidance and resources about using Artificial Intelligence in a school environment.

AI generated image of a key hole overlayed by a finger print on a cyber background. Data protection education logo on the bottom right of the image

🗝️🛡️ In a world where cyber attacks are becoming increasingly sophisticated, protecting sensitive information and user accounts has never been more critical. Traditional passwords are rapidly being replaced by a more advanced and secure solution: passkeys. This article explores the benefits of passkeys, their role in preventing cyber attacks, and what to do if a system does not yet support them.

photo of a robot hand choosing a Data Protection Education candidate from four photos, of two ladies and two men

🤖🤖 The ICO recently published an overview reports about the use of AI tools in recruitment processes.  While it was recognised that it can offer benefits to employers, it recognises their use can also lead to risks for people and their privacy and information rights.

Photos of early years children on an orange background. Early Years settings in blue text. Data Protection and Cyber security in white text. Data Protection Education logo and website address: www.dataprotection.education

🧸 🚼 As digital technology continues to increase in our educational settings, Early Years settings are increasingly integrating digital tools into their operations.  While this might enhance efficiency and communication, it also raises concerns and challenges about cyber security and data protection.

Photos of different people from different genres in an orange circle. Girl at school in the background. Text says Meeting Digital Standards in Schools and Colleges, Understanding the SLT Digital Lead profile. Data Protection Education logo

👩🏽‍🏫👨🏽‍💻 Since we have been talking to schools and multi academy trusts about the SLT digital lead, there have been a lot of questions about who that should be in the organisation. There’s often an assumption that it should automatically be the IT Manager, technician, or Data Protection Lead.  In this article, we explore the profile of an effective SLT Digital Lead and their critical role in shaping digital strategy, integrating technology into teaching and learning, ensuring business continuity, strengthening cybersecurity, and optimising administrative processes.
  1. Navigating Privacy at the End of Term , Special Occasions and End of Year
  2. Effectively communicating during a cyber incident
  3. Contracts Register
  4. South East Technological University has experienced a cyber incident
  5. Safeguarding Identity in Microsoft 365: Protecting the UK Education Sector Against Cyber Threats
  6. DfE Digital Standards Autumn Update
  7. The importance of knowing how to access your CCTV footage!
  8. Cyber Attack on a Special School
  9. Stealing children's data
  10. What is dark data? (and why does it matter?)
  11. Ofqual highlights the value of cyber security training in schools
  12. Searching for data when you receive a Subject Access Request
  13. Fylde Coast Academy Trust Cyber Attack This Week
  14. Calling all IT leads in schools and mult academy trusts!
  15. Ransomware cyber attack on a school in Bromley
  16. Join Our Social Media Family!
  17. School hit by Cyber Attack
  18. Cyber Security Best Practice Area
  19. DfE Digital Standards for Schools and Colleges Tracker
  20. New Policies, Documents, Letters and Posters page
  21. Schools and Trusts Best Practice Area
  22. The DPE Retention Schedule
  23. Making the Rounds Update (now includes reporting)
  24. ESFA Cyber Essentials Requirement for Colleges from 2024/2025
  25. ICO Reprimands a School
  26. How does the recent global IT outage affect me?
  27. King's speech introduces new bills in relation to cyber security, smart data and digital information
  28. Out of date technology
  29. Data Retention and the Pupil File
  30. Have you assigned your SLT Digital Lead yet?
  31. What's a Cyber Incident and what should we do?
  32. Getting Started with AI (Artificial Intelligence)
  33. Cyber attack on a school during half term
  34. Free short cyber training for staff
  35. The rise of cyber attacks in schools are causing pupils to miss classes
  36. ICO: Learning from the mistakes of others report
  37. Children's mental health data leaked after a cyber attack
  38. Cyber attack on a Trust; the aftermath
  39. School Focus: The Vale Federation | Aylesbury
  40. DfE Dealing with Subject Access Requests (SARs) Guidance
  41. Update to the Guidance on Information Sharing from the DfE
  42. FOI Requests generated by Artificial Intelligence
  43. Social Media Best Practice Area
  44. Lettings Best Practice Area
  45. MFA Bombing - What is it?
  46. Protecting your Social Media Accounts
  47. Product Focus on Checklists : Initial Trust Plan
  48. Product Focus on Checklists : End of Term Checklist
  49. Product Focus on Checklists : Information and Cyber Security
  50. Product Focus on Checklists : Social Media
  51. Cyber Incident Review: The Benefits
  52. Product Focus on Checklists : Lettings
  53. Product Focus on Checklists : Record of Processing
  54. Milk Island: The secret location that allows children to view restricted content on Google Maps
  55. Why Data Should Stay Put: Benefits of Keeping Data in Its Original System
  56. Product Focus on Checklists : Data Retention and Destruction
  57. Product Focus on Checklists : Data Migration
  58. Product Focus on Checklists : Biometrics
  59. Product Focus on Checklists : Supplier Due Diligence
  60. Free Cyber help, advice and training with the Cyber Resilience Centres
  61. The Perils of Paper: The Printing Vulnerability
  62. Product Focus on Checklists : FOI
  63. Product Focus on Checklists : Governors and Data
  64. Product Focus on Checklists : DPIA
  65. Product Focus on Checklists : Site Moves
  66. Product Focus on Checklists : Data Breaches
  67. Product Focus on Checklists : Subject Access Requests
  68. Cyber attack on a University
  69. Product Focus on Checklists : Bring your own device
  70. Product Focus on Checklists : Working out of school/offsite
  71. Cyber Attack on a School
  72. Product Focus on Checklists : Redaction
  73. Major cyber-criminal gang Lockbit brought down by UK Law Enforcement
  74. Why Due Diligence is Important: Fake apps
  75. Product Focus on Checklists : CCTV
  76. Product Focus on Checklists : Clear desk
  77. Product Focus on Checklists : Commitment to compliance
  78. Product Focus on Checklists : Photos and video
  79. Product Focus on Checklists : Passwords
  80. Product Focus on Checklists : Information Classification
  81. Safer Internet Day 2024
  82. Kent Councils Data Breach
  83. Free cyber training for staff
  84. DfE Digital Standards Update
  85. The Mother of all Breaches
  86. ClassCharts Possible Data Breach
  87. Where is your data stored?
  88. IAPP looks at AI privacy risks
  89. If you suspect a financial scam .....
  90. Guardians of Privacy: 16. Social Media Checklist
  91. Guardians of Privacy: 15. Navigating Social Media in Educational Settings Summary
  92. Guardians of Privacy: 14. Social Media and Cyber Bullying
  93. Guardians of Privacy: 13. Social Media, Copyright and Intellectual Property
  94. Guardians of Privacy: 12. Social Media and Going Viral
  95. Guardians of Privacy: 11. Staff Social Media Accounts
  96. Guardians of Privacy: 10. Social Media and Cookies
  97. Guardians of Privacy: 9. Social Media and Morality
  98. New Resources for Schools from the ICO
  99. Guardians of Privacy: 8. Social Media Policies
  100. Guardians of Privacy: 7. Social Media Data Retention
  101. Guardians of Privacy: 6. Posting Safely
  102. Guardians of Privacy: 5. Social Media and Consent
  103. Guardians of Privacy: 4. Social Media Access Control
  104. Guardians of Privacy: 3. Social Media Channels
  105. Guardians of Privacy: 2. Law and Regulations
  106. Latest ICO Reprimand. Mr. S. Claus, Chief Executive Officer, North Pole Enterprises
  107. Phishing attacks targeting schools - alert from City of London Police
  108. The ICO reprimands a Multi Academy Trust
  109. Guidance for the use of school email and applying email retention in schools
  110. CISA and UK NCSC Announce Joint Guidelines for Secure AI System Development
  111. Data Protection Tips for Early Years Settings
  112. Children's Privacy around the world is a puzzle
  113. Trust Initial Plan Checklist Update
  114. Update on Advisory for Rhysida Ransomware
  115. Records Management Best Practice Update
  116. The Crime in a Cyber Attack and a Data Breach
  117. What do I need to redact?
  118. NCSC Annual Review is published for 2023
  119. Learning from Data Breaches
  120. Windows 11 security ineffective against attacks on old devices
  121. Trust Initial Plan for Data Protection Compliance (for Multi Academy Trusts)
  122. International Counter Ransomware Initiative 2023 Joint Statement
  123. Google for Education Resources: Helping IT Admins meet DfE digital and technology standards
  124. Top Ten Cyber Security Misconfigurations
  125. Lettings Best Practice and Guidance
  126. ICO Reprimand: company suffered a ransomware attack
  127. The UK Online Safety Bill becomes an Act (Law)
  128. Considerations when migrating to a new MIS
  129. The importance of software updates (PaperCut vulnerability and Rhysida ransomware)
  130. Public bodies and sensitive data
  131. Adding offline bulk training using the Certificates function
  132. Ransomware, extortion and the cyber crime ecosystem
  133. Get a DPE Badge for your website!
  134. ICO: 10 Step guide to sharing information to safeguard children
  135. Cyber Resource: The Cyber Resilience Centre Group
  136. Email and Security: ICO recent guidance
  137. Help after a Cyber Attack/Incident
  138. Social Media Policy
  139. Data Protection and Cyber Security (Inset Day) Training Ideas
  140. Changes to Microsoft Free Licensing for Schools
  141. What to do in the event of a Cyber Attack
  142. Cyber Crime: AI Generated Phishing Attacks
  143. Handling Freedom of Information Requests the right way
  144. Cyber Attack: Exam Boards
  145. VICE SOCIETY - Ransomware attacks on schools
  146. Using Tags if you are a group of organisations in the DPE Knowledge Bank
  147. Where's Harry the Hacker?
  148. Be Cyber Aware: USB Sticks
  149. Cyber Insurance in the Public Sector
  150. Types of Cyber Attacks: DDos Attack (Microsoft DDoS Attack in June)
  151. Cyber Attack: Leytonstone School
  152. The ICO Reprimands a school
  153. Be Cyber Aware: Firewalls
  154. Be Cyber Aware: Cyber attacks and transparency. A no blame culture
  155. Cyber Attack: Dorchester School
  156. Knowledge Bank Role Types: Admin, Staff and Trustee
  157. Types of Cyber Attacks: Password Attacks
  158. Be Cyber Aware: Why regular software updates are important
  159. Cyber Attack: Wiltshire School
  160. Keeping your IT systems safe and secure
  161. Types of Cyber Attacks: DDoS Attacks
  162. Types of Cyber Attacks: Phishing
  163. Types of Cyber Attacks: The Insider Threat
  164. Why your data is profitable to cyber criminals
  165. Using WhatsApp in Schools
  166. The Changes to Data Protection in the UK
  167. Knowledge Bank Updates
  168. Types of malware and how they are linked to data protection
  169. Striking Data Breach
  170. IPR Protection Email Scam
  171. Windows Server 2012 & 2012 R2 Retirement
  172. How to contact us for support, subject access requests, data breaches and FOI's
  173. YouTube breached child protection laws
  174. How a school fought back after a cyberattack
  175. Types of Cyber Attacks - Credential Stuffing
  176. January Cyber update - How Can Schools Help Prevent Cyber Attacks?
  177. Assigning courses to staff using to-dos
  178. How the Record of Processing Can Help You
  179. Information Security Basics: What are VPN's?
  180. What does a Data Protection Officer Do?
  181. Are you ready for a Data Breach?
  182. Carrying out Supplier Due Diligence
  183. How Long Should You Keep Personal Data For?
  184. The Education sector now at highest risk of cyber attacks
  185. How to Assess your Data Security
  186. Schools Blocked from Using Facial Recognition Systems
  187. The Children's Code
  188. B&H FoI: Racist/religious incidents/bullying
  189. Cyber Attacks
  190. Protocol for Setting Up and Delivery of Online Teaching and Learning
  191. Class Dojo International Data Sharing
  192. Model Publication Scheme: Amendments, Improvements and Updates
  193. Child friendly privacy notices
  194. Transparency
  195. Secure file transfer of files using Royal Mail
  196. Emergency contacts and consent
  197. Key elements of a successful DPIA
  198. FOI Publication Schemes
  199. SHARE: Avoid disinformation online
  200. Best Practice for Managing Photos and Video
  201. New Drip Feeds: Recognise and Respond to Subject Access Request
  202. When to contact the Data Protection Officer?
  203. National child measurement programme
  204. Compliance Manager released
  205. Headteacher fined for breach of data protection legislation
  206. Emails – good practice and minimising the risk of a data breach

Search

Keep in the Know!

Get our latest news directly to your inbox

Privacy notice