DATA PROTECTION SERVICES FOR SCHOOLS

DATA PROTECTION CONSULTANCY SERVICES

At DPAS we can provide your school with an all-inclusive price for outsourced GDPR services. We’ve put together a cost effective package which includes software from GDPR for Schools, a suite of policies, training and an outsourced Data Protection Officer service.

As a school handling very sensitive data, it’s important that you protect and respect the personal data that you collect, and most importantly it must be handled in line with the current legislation. Using our outsourced school services will help you to demonstrate that you are complying with the GDPR.

services for schools

why DPAS

experience icon

INDUSTRY EXPERIENCE

We have been providing services to schools since the GDPR was introduced.

support icon

EXPERT SUPPORT

We have qualified lawyers, GDPR practitioners, information security experts, qualified trainers and business analysts ready work with you.

client icon

PEACE OF MIND

By outsourcing this service ensures that you are confident that no stone will be left unturned.

working internationally icon

HERE WHEN YOU NEED US

We have a dedicated ticketing system and phone line for our DPO support, call us whenever you need us.

  • Named Data Protection Officer.
  • GDPR for Schools software to support your schools ongoing compliance.
  • CPD accredited training for staff, nationwide.
  • Suite of policies designed for schools.
  • Yearly audit (mirroring the ICO audit).
  • Posters, resources, videos, support & advice.
  • Support and guidance for Cyber Essentials Accreditation if required.

Your DPAS Data Protection Officer

One of the biggest changes introduced under GDPR is that schools must now have a Data Protection Officer.  DPOs assist you to monitor internal compliance, inform and advise on your data protection obligations, provide advice regarding Data Protection Impact Assessments (DPIAs) and act as a contact point for data subjects and the supervisory authority. The DPO must be independent, an expert in data protection, adequately resourced, and report to the highest management level.

Most schools do not have that internal member of staff to take on the Data Protection Officer role that has the experience that the GDPR requires.  Therefore, outsourcing your DPO is a cost-effective option for schools, allowing you to meet the regulatory requirements. 

Our DPO will work closely with your school’s Data Champion, ensuring that Data Protection processes are in place and compliance levels are maintained. 

Our outsourced Data Protection Officer will support your school in the following way: 

  • Provides a yearly audit report to the Governors​
  • Registered with the ICO​
  • Liaises with the School’s Data Champion​
  • Supports your school in the event of an ICO audit​
  • Provides Independent advice when required ​
  • Can provide subject matter expertise on DPIAs​
  • Can assist with Data Breaches or near misses

GDPR for Schools Software

A highly secure, cloud-based tool designed to reflect existing processes and the way schools work, whilst pro-actively prompting them to meet and exceed the requirements of the new General Data Protection Regulation.​

The software allows you as a school or multi academy trust to:

  • Centrally manage GDPR across your school
  • Demonstrate commitment to manage data sensitively and ethically
  • Build a framework to encourage a culture of privacy
  • Prompt good practice surrounding data protection
  • React quickly to SARs, incidents and data breaches
  • Advocate and demonstrate accountability
  • Manage training across your school
  • Report termly to your governors
  • Internally audit your schools and identify potential issues
  •  
  • Having an outsourced DPO ensures you are complying to the requirements set out in the GDPR regarding a Data Protection Officer
  • Access tools, templates, resources which would take months to create
  • Saves time for the organisation by using external sources
  • We can highlight gaps in compliance, i.e. where Data Processing Agreements have not been agreed or are not in place
  • Be confident that you are being advised by an experienced, approachable and adaptable team
  • Helps you to demonstrate to parents that your school promotes a data safe culture.

1.Can you tell me more about your CPD Training?

We know that the ICO are focusing heavily on training and awareness when auditing schools and determining if they are complying to the legislation.

The ICO requires schools to ensure they have a needs based training programme developed, ensuring that each member of staff understands the role they play in ensuring data is kept safe.

Specialist training should be provided to those that are fulfilling the role of the data protection officer, data protection manager, IG manager, SIRO and more.

Assessments and minimum pass rates should be adhered to, ensuring content and training is effective.

Training should be refreshed on an annual basis and evidenced.

Our training courses are accredited and relevant, we offer:

  • Data Protection Officer Course (4 days)
  • GDPR Foundation Course (1 day)
  • GDPR Practitioner Course (2 days)
  • Subject Access Requests Course or DPIA Course (1 day)
  • General Staff Awareness (3 hours)
  • eLearning for Schools (1 hour)

2. Will you do an audit?

Mirroring the ICO audit, our external audit enables MATs and Schools to understand where your schools are on their GDPR journeys. Our audit provides you with a detailed report on the school enabling you to target resources to areas of compliance and security.

3. What other services can you provide?

Aside from our services listed above, we can manage the entire compliance programme within a multi-academy trust or school.

We can:

  • Develop Information Governance Teams
  • Complete a GAP analysis and audit
  • Complete your record of processing activities
  • Complete a risk analysis across the organisation
  • Deliver a set of bespoke policies and procedures including;
  • Data protection policy
  • Privacy statements and notices
  • Retention policy and schedule
  • Individuals rights policy
  • Subject access rights policy and template letters
  • Data protection impact assessments template and policy
  • Staff training policy
  • Data sharing agreements
  • Supplier risk assessments
  • Incident and breach management policy and process
  • Help with Cyber Essentials accreditation
  • Deliver ISO27001 audit and services

4. What is GDPR for Schools software?

 A highly secure, cloud-based tool designed to reflect existing processes and the way schools work, whilst pro-actively prompting them to meet and exceed the requirements of the new General Data Protection Regulation. ​

The software allows you as a school or multi academy trust to:

  • Centrally manage GDPR across single or multiple schools
  • Demonstrate commitment to manage data sensitively and ethically
  • Build a framework to encourage a culture of privacy
  • Prompt good practice surrounding data protection
  • React quickly to SARs, incidents and data breaches
  • Advocate and demonstrate accountability
  • Manage training across your schools
  • Report termly to your governors
  • Internally audit your schools and identify potential issue

5. How much is your data protection package for schools?

Unlike a lot of consultancies, DPAS offers our customers a fixed yearly cost for our services. That way, the school can budget for what is required. Our yearly costs start at £1,000 per year.

​