Preparing for GDPR
The GDPR law will come into effect on 25th May 2018, it requires all businesses to take action. Even if you are already registered with ICO you will need to take action YOU CANNOT IGNORE IT!
This forum will help you think about what measures you need to think about in advance and will help you ask yourself the right questions so that you can make changes to your practice to help you become compliant ready for May 25th. We have written some pieces to guide you through the process and we are providing this dedicated forum to enable you to talk about the decisions you are making and the policies and procedures you are changing in preparation. As with all forum areas you can ask questions and share your ideas and best practice!
51 topics in this forum
-
- 1 follower
- 9 replies
- 1.3k views
Any advice/clarification would be really helpful. We have used and adapted the PLA privacy notice. In the section ‘Who we share your data with’ it says, amongst other things, ‘The school that your child will be attending’. I have a parent saying that this can’t be done without consent. Above it also say ‘We have a legal obligation to transfer records and certain information about your child to the school that your child will be attending’. So am I correct in saying that we can share info? Many thanks for any advice.
Last reply by AnonyMouse_30128, -
- 2 replies
- 760 views
Hello all, I am in the process of up-dating my acceptance of contract termination letter to parents. I am just enquiring what people have placed under the data retention details to now include as part of this letter to be GDPR compliant. Is there a template anyone can point me in the direction of? Many thanks.
Last reply by AnonyMouse_72183, -
- 1 follower
- 5 replies
- 906 views
Is there any problem when allowing parents to download learning journals at the end of the school year? Will it be GDPR compliant?
Last reply by AnonyMouse_12805, -
- 4 replies
- 763 views
How do we stand regarding GDPR and a child transferring to a new setting? Their account and learning journal can be transferred to the new setting but I am wondering if that is GDPR compliant?
Last reply by FSFRebecca, -
- 1 follower
- 3 replies
- 986 views
When deleting a child's information/folder it says it takes 90 days to completely be deleted from the system. Is that not a data protection issue as the child has left but their information is still on the system. Is there a way to cut down the 90 days or just delete it there and then?
Last reply by AnonyMouse_50848, -
- 19 replies
- 1.7k views
Hi My understanding of the GDPR is that any information that is shared has to be done so securely. So what about emails. We occasionally send queries to funding about children which may include their name and DOB - personal data. So I believe we could only do this if we send it encrypted. Does anyone have any easy solutions to encrypting emails? We use a Google email account and so far I am struggling to understand how to encrypt. Can anyone offer any advice? With thanks
Last reply by AnonyMouse_11134, -
- 1 reply
- 1.1k views
I was wondering if anyone was so kind to share their employee GDPR agreement? I have a staff checklist but ideally would like an agreement for them to sign!! xx
Last reply by FSFRebecca, -
- 2 followers
- 20 replies
- 8.6k views
I am aware of a new regulation coming in next year and am suddenly being bombarded by companies wanting to sell me all sorts of wonderful stuff to help us through the new requirements. We are of course already registered for data protection etc. Does anyone know if we will automatically be contacted to formally register for this? Or is it just something we have to comply with.
Last reply by AnonyMouse_50436, -
GDPR resources 1 2 3
by FSFRebecca- 1 follower
- 72 replies
- 8.3k views
I have put the following resources in the resource library: GDPR spreadsheet GDPR enrolment form I would save a copy of the form with the red commentary to refer to (and to show parents) and then I would delete the commentary to give me a 'blank' form. The writing in blue are things for you to personalise for your own setting. GDPR privacy notice for parents to be used in conjuction with the enrolment form Tapestry protocol document updated to reflect GDPR
Last reply by FSFRebecca, -
- 1 follower
- 11 replies
- 2.7k views
Hello everyone! OK lets talk GDPR! On our current enrolement forms we have emergency contacts in case the parents cannot be contacted. The data contains name, relationship to child and a contact number. The parents provide these details not the emergency contact. Anyone know if this is ok! I have a huge headache just from completing the audit and letters to go out! Thanks all, Kelly
Last reply by AnonyMouse_51431,