On the 25th May 2018, the General Data Protection Regulations (GDPR) come into force in the UK. These are new data protection regulations build upon the Data Protection Act of 1998.
The GDPR require public authorities and businesses to identify the lawful basis for storing personal data, audit information we already hold and take a ‘data protection by design and default’ approach to personal data.
We take data protection very seriously at Bridgewater. In line with GDPR requirements, we will be appointing a Data Protection Officer to oversee our approach to data management and protection. Until we have recruited the services of a DPO from outside the school Helen Holmes Higgin will initially take on the role and for this purpose the email address will be: email@example.com
In order to ensure that we comply with the new regulations, we are reviewing our current policies and practices. We are updating our data protection and data security policies and our privacy notices in line with the new requirements.
As part of this compliance process, we will also be seeking to update the consent forms/home school agreements we have received from parents and pupils. The new regulations are clear that consent must be up-to-date and clearly recorded. From now on, lack of response cannot be interpreted as implied consent.
To learn more about the General Data Protection Regulation, please visit the Information Commissioner’s Office website on http://ico.org.uk