As a school you are classed as the ‘data controller’. Data controllers must implement appropriate security measures and these measures need to have the appropriate level of protection for the data stored and processed.
Information Governance for Schools provides information and advice to support schools in complying with their legal responsibilities under the following pieces of legislation:
• General Data Protection Regulations (GDPR)
• Data Protection Act 1998
• Freedom of Information Act 2000
• Environmental Information Regulations 2004
You can access a range of guidance and information relating to information governance, data protection and information security, including the new GDPR requirements