The ICO's edtech audit programme, covering 28 providers used across UK primary and secondary schools, has resulted in one of the most significant data protection reports to affect the education sector in years. Published in June 2025, the ICO's EdTech Examined report made 596 recommendations and found widespread compliance failures in how edtech providers handle children's personal data. This article sets out what was found and what schools and

The Department for Education (DfE) updated its Data protection in schools guidance on 17 June 2026, this refresh aligns the guidance with the wider expected KCSIE 2026 guidance and reinforces existing obligations that schools should already be acting on.

This article sets out what has changed, what it means for your school in practice, and the actions your data protection lea

The Keeping Children Safe in Education (KCSIE) document obliges schools and colleges in England to “ensure appropriate filters and appropriate monitoring systems are in place and regularly review their effectiveness”. This responsibility is now a standard, no just a technical tick box, but a core leadership and safeguarding function.

When a Multi-Academy Trust (MAT) accidentally leaks highly sensitive pupil data, it makes national headlines.

As your external Data Protection Officer, we are pleased to introduce the May 2026 updates to our suite of model privacy notices. These revisions ensure that the schools we support remain at the forefront of compliance, specifically addressing the requirements of the Data Use and Access Act (DUAA) and the Children's Wellbeing and Schools Act.

ChatGPT, Gemini, Copilot and Data Protection

A Practical Guide for School Leaders and Data Protection Officers

This article combines guidance from the Guardians of Privacy series, produced by Data Protection Education in collaboration with Litus Digital, with urgent new advice issued in May 2026 following confirmed blackmail attempts against UK schools using AI-manipulated images of children. Key sources include the UK Safer Internet Centre (8 May 2026) and the Internet Watch Foundation.

Navigating the entry requirements for educational settings can sometimes be confusing for both the school and the visitor.  To ensure a smooth, secure, and legally compliant process, it is essential to balance safeguarding requirements with data protection principles and DfE guidance.

Following the popularity of our recent CCTV webinar, we've published some pointers for headteachers, governance professionals, head of operations and estates managers about CCTV compliance.

We discuss the legal obligations and common pitfalls of CCTV surveillance under the UK GDPR and Data Protection law.

To operate CCTV lawfully, organisations must move beyond just installing camera.

The DfE has announced a new update to the DfE Digital Cyber Security Standards for Schools and Colleges.

The DfE Wireless Networks is part of the DfE Digital Standards guidance and has recently been updated to include references to Wi-Fi7. You must check with this standard before you plan any Wi-Fi upgrades!

There is a now clear guidance that specifies that any new wireless solution or upgrade must, at a minimum, meet the Wi-Fi 8 standard.

Wi-Fi 7 provides significantly higher throughput and lower latency. In a classroom where 30 students might si

🔄☁️ Having a robust backup is being prepared against data loss and data theft.  March 31st is World Backup day to remind everyone of the importance of having a robust and accessible backup.