Data Protection Procedures
We believe that all personal data covered by the Data Protection Act 1998 includes the school admission register, attendance registers, pupils' curricular records, assessment data, class lists, reports to parents, pupils' disciplinary records, school personnel files, school financial information, school strategic and school improvement plans, pupils' family and home contact details, records of contractors and suppliers and records of pupils entering public examinations.
We will ensure that under the Data Protection Act 1998 all school personnel are able to access their personal data that is held about them. We believe it is our duty to respond to any request of access within 40 days.
We will ensure a pupil's educational records will be made available to their parents or carers on receipt of a written request within 15 school days.
We aim to fulfill our obligations under the Data Protection Act 1998 and to protect the right of school personnel and pupils to privacy in line with the Act.
We as a school community have a commitment to promote equality.
- To allow all school personnel their right to have access to their personal data.
- To allow all parents their right of access to their child's records.
- To protect all school personnel's right to privacy in line with the Data Protection Act 1998.
- To protect all pupils right to privacy in line with the Data Protection Act 1998.
- To work with other schools to share good practice in order to improve this policy.
- the responsibility to comply with the legal requirements of the Data Protection Act 1998;
- delegated powers and responsibilities to the Headteacher as ‘Data Controller’ for the school;
- delegated powers and responsibilities to the Headteacher to ensure all school personnel and stakeholders are aware of and comply with this policy;
- responsibility for ensuring that the school complies with all equalities legislation;
- responsibility for ensuring this policy and all policies are maintained and updated regularly;
- responsibility for ensuring all policies are made available to parents;
- nominated a link governor to visit the school regularly, to liaise with the Headteacher and to report back to the Governing Body;
- responsibility for the effective implementation, monitoring and evaluation of this policy
- act as ‘Data Controller’ for the school;
- ensure the school complies with the Data Protection Act 1998 and the eight data protection principles;
- ensure all data is processed fairly and lawfully;
- ensure security measures and confidential systems are in place to protect personal data and pupil records;
- ensure data is obtained for specific and lawful purposes;
- ensure data is adequate, relevant and not excessive;
- ensure all personal data is accurate and that inaccurate data is corrected or erased;
- ensure that at the beginning of every academic year all school personnel will receive a copy of their personal data;
- ensure procedures are in place to deal with requests for access to personal data;
- ensure data is not kept longer than is necessary;
- ensure school personnel are aware of their rights;
- ensure school personnel are aware of their responsibilities;
- ensure a pupil's educational records will be made available to their parents or carers on receipt of a written request within 15 school days;
- ensure a Common Transfer File is sent when a pupil joins another school;
- work closely with the link governor;
- provide leadership and vision in respect of equality;
- provide guidance, support and training to all staff;
- monitor the effectiveness of this policy;
- annually report to the Governing Body on the success and development of this policy
- work closely with the Headteacher and the coordinator;
- ensure this policy and other linked policies are up to date;
- ensure that everyone connected with the school is aware of this policy;
- report to the Governing Body every term;
- annually report to the Governing Body on the success and development of this policy
- comply with all aspects of this policy;
- follow the safe and confidential system procedures that are in place to protect personal data and pupil records;
- receive a copy of their personal data at the beginning of every academic year:
- check this data and will inform the Data Controller of any mistakes;
- apply in writing for access to their personal data;
- comply and respect confidentiality of personal information when involved with interviewing new school personnel;
- inform the school and the Local Authority of any changes to their personal data
- implement the school’s equalities policy and schemes;
- report and deal with all incidents of discrimination;
- attend appropriate training sessions on equality;
- report any concerns they have on any aspect of the school community
- be processed lawfully;
- be obtained and processed for specific and lawful purposes;
- be sufficient, appropriate and not excessive in relation to the precise purpose;
- be accurate and up to date;
- not be kept for a great length of time;
- be processed in agreement with the individual’s legal rights;
- be protected against unlawful processing, accidental loss, destruction or damage;
- not be transferred outside the EU unless the rights and freedom of the individual is protected
- anti-virus software;
- firewall software;
- be discreet and confidential;
- consider the safe and secure positioning of computers;
- back up data;
- turn off computers when not in use;
- remember password access;
- lock filing cabinets and doors to offices;
- shred confidential material;
- clear their desk before they leave school
- know when their data is being processed, the reason it is being processed and the name of the person or organisation requesting the information;
- prevent processing which could be harmful to them or others;
- prevent the processing of their performance management records;
- go to court to prevent inaccurate data being used;
- be compensated if a data controller contravenes the Data Protection Act;
- stop data being processed for direct marketing
- copies of their references;
- information on pay reviews;
- examination results until they have been released
- the School Handbook/Prospectus
- the school website
- the Staff Handbook
- meetings with parents such as introductory, transition, parent-teacher consultations and periodic curriculum workshops
- school events
- meetings with school personnel
- communications with home such as weekly newsletters and of end of half term newsletters
- reports such annual report to parents and Headteacher reports to the Governing Body
Responsibility for the Policy and Procedure
Role of the Governing Body
The Governing Body has responsibility for ratification of all school policies.
We work in conjunction with the Local Authority Code of Practice to ensure that computers and servers comply with all up to date Government regulations and are secure with:
All school personnel are trained to:
Disclosure of Data
Personal data cannot be disclosed to a third party without the consent of the individual except when it is legally required.
Requests for Access to Data
All requests from school personnel for access to their data must be made in writing on headed note paper and sent to the data controller.
Any member of the school personnel who disputes any aspect of their personal data with the Data Controller has the right to take up the matter under the school’s formal grievance procedures.
Rights of Parents and Carers
Pupil's educational records will be made available to their parents or carers on receipt of a written request within 15 school days.
Raising Awareness of this Policy
We will raise awareness of this policy via:The school website, newsletters and verbally.
We ensure all school personnel have equal chances of training, career development and promotion.
Periodic training will be organised for all school personnel so that they are kept up to date with new information and guide lines concerning equal opportunities.
Equality Impact Assessment
Under the Equality Act 2010 we have a duty not to discriminate against people on the basis of their age, disability, gender, gender identity, pregnancy or maternity, race, religion or belief and sexual orientation.
Monitoring the Effectiveness of the Policy
The practical application of this policy will be reviewed every two years or when the need arises by the Headteacher and the nominated governor.
A statement of the policy's effectiveness and the necessary recommendations for improvement will be presented to the Governing Body for further discussion and endorsement.