On 13 September 2017 the Data Protection Bill was published. The Bill, which will replace the Data Protection Act 1998 once in force in May 2018, sets new standards for protecting personal data in accordance with the General Data Protection Regulations (GDPR).
The Bill applies the GDPR principles and standards regarding the processing of personal data and aims to ensure there are appropriate safeguards in place to keep data safe and secure in the modern digital age.
The UK’s data protection regulator, the Information Commissioner’s Office, will be working on guidance to assists schools and organisations achieve compliance with the GDPR and the Bill in due course. It is expected that guidance will be published over the coming months and we will continue to keep schools updated on the new Bill and guidance, once published.
The ICO have also published a new version of the Privacy Notice for schools. This is a model only and should be amended to ensure it accurately reflects the schools processing operations. A link is included here: https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/.