This course will provide instruction, latest updates, resources and real world experience to best help you support data protection in your school.

You will learn:

  • how to be an effective data protection lead
  • tips and tricks on how to effectively manage a subject access request
  • using the take 5 method, to effectively prevent the common data processing mistakes in your school.

Programme Outline

Overview of the UK GDPR, Data Protection Act 2018 and PECR in a school setting

  • Understanding the role of a Data Processor and Data Controller
  • Understanding processing relationships
  • Contracts and supplier due diligence
  • Working with the school Data Protection Officer

Identifying and managing a Subject Access Request

  • Understanding Subject Access Requests (SARs)
  • Understanding the psychology of a SAR
  • The SAR key updates
  • Understanding the SAR exemptions
  • Refusing a request
  • Effectively managing a SAR
  • Fulfilling a request

Preventing common processing mistakes in your school

  • Human error as a common mistake and the Take 5 principle
  • Avoiding: Phishing attacks, Unauthorised access, Data emailed to the wrong address, Loss or theft of paperwork
  • Performing a data walk (scenario)
  • Summary of available resources
  • Onward actions


Darren  Rose

Darren Rose

GDPR Training Ltd

Find out more