The recent data breach involving Online SCR, an online provider of single central record (SCR) services, has put the personal data of education staff at risk.  The breach was a result of a cyber attack on a subcontractor.

As schools begin to welcome back students, staff and new joiners, the focus is on the new academic year: curriculum planning, safeguarding and operational logistics.  An equally critical and statutory area that demands attention is data protection and cyber security compliance.  Adhering to data protection law isn't just about avoiding fines; it's about protecting sensitive personal data of children, their families and staff.

The ICO Accountability Framework is a crucial tool for any organisation handling personal data, providing a structured approach to data protection compliance. When applied to the Department for Education (DfE) Digital Standards, it becomes a powerful mechanism for schools and trusts to ensure their technology and data practices are not only efficient but also legally compliant and secure.

The sight of a ransacked classroom is unsettling, especially for a junior school community. A break-in is not just about the cost of a new window or a replacement laptop; it is also about the potential loss of sensitive data.  Greenfields Junior School, in Green Lane, was broken into during the summer holidays.

The DfE has published the report for their consultation: Narrowing the Digital Divide in Schools and Colleges, with the conclusion that schools can and want to meet the standards by 2030.

So, you've been asked to be the data protection champion/lead in your organisation!  We explain what that means for Data Protection Education customers.

The changes to the Academy Trust Handbook will be effective from 1st September 2025 and include some statutory digital standards recommendations.

📲👍It's Social Media day today - now an integral part of our daily lives both personally and at work. We take a look at some privacy considerations and acceptable use.

The DfE have issued guidance about how Ofsted looks at AI during inspection and regulation.

📳What's Up with WhatsApp? WhatsApp is a regular theme in relation to SARs, FOI's, data breaches and general use as tickets into our Knowledge Bank platform.  Emma Martins, Chief Commissioner of the Data and Marketing Commission has worked with us to produce some guidance following the recent employment tribunal that was published in relation to a preschool.

The GOV.UK Cyber Security Breaches Survey 2025 is out and reveals that 43% of UK businesses and 30% of charities experienced a cyber security breach or attack in the last 12 months.  We review and highlight some key data protection points.

🚫🔒 Sensitive data requires a higher level of security under UK GDPR because of its potential to cause significant harm to individuals if it is lost, stolen or misused.  A recent case of a teacher losing their job after accessing a safeguarding report and transcribing it to her personal computer highlights the both the importance for least privilege access and continual review of access.