SlideShare ist ein Scribd-Unternehmen logo
1 von 2
Downloaden Sie, um offline zu lesen
Chad Vale Primary School.
                           Data Protection Policy

The school will comply with:
� The terms of the 1998 Data Protection Act, and any subsequent relevant
legislation,
to ensure personal data is treated in a manner that is fair and lawful.
� Birmingham Education Service advice and guidance supplied in the Data
Protection Advice for Schools flyer and Data Protection Guidance for Schools
booklet.
� Information and guidance displayed on the Information Commissioner’s website
(www.dataprotection.gov.uk)



This policy should be used in conjunction with the school’s Internet Acceptable Use
Policy and the Freedom of Information Policy.

Data Gathering
All personal data relating to staff, pupils or other people with whom we have
contact, whether held on computer or in paper files, are covered by the Act. Only
relevant personal data may be collected and the person from whom it is collected
should be informed of the data’s intended use and any possible disclosures of the
information that may be made.

Data Storage
• Personal data will be stored in a secure and safe manner.
• Electronic data will be protected by standard password and firewall systems
operated by the school.
• Computer workstations in administrative areas will be positioned so that they are
not visible to casual observers waiting either in the office or at the reception hatch.
• Manual data will be stored where it is not accessible to anyone who does not have
a legitimate reason to view or process that data.
• Particular attention will be paid to the need for security of sensitive personal data.

Data Checking
The school will issue regular reminders to staff and parents to ensure that personal
data held is up-to-date and accurate. Any errors discovered would be rectified and,
if the incorrect information has been disclosed to a third party, any recipients
informed of the corrected data.

Data Disclosures
• Personal data will only be disclosed to organisations or individuals for whom
consent has been given to receive the data, or organisations that have a legal right
to receive the data without consent being given.
• When requests to disclose personal data are received by telephone it is the
responsibility of the school to ensure the caller is entitled to receive the data and
that they are who they say they are. It is advisable to call them back, preferably via
a switchboard, to ensure the possibility of fraud is minimised.
• If a personal request is made for personal data to be disclosed it is again the
responsibility of the school to ensure the caller is entitled to receive the data and
that they are who they say they are. If the person is not known personally, proof of
identity should be requested.
• Requests from parents or children for printed lists of the names of children in
particular classes, which are frequently sought at Christmas, should be politely
refused as permission would be needed from all the data subjects contained in the
list. (Note: A suggestion that the child makes a list of names when all the pupils are
present in class will resolve the problem.)
• Personal data will not be used in newsletters, websites or other media without the
consent of the data subject.
• Routine consent issues will be incorporated into the school’s pupil data gathering
sheets, to avoid the need for frequent, similar requests for consent being made by
the school.
• Personal data will only be disclosed to Police Officers if they are able to supply a
WA170 form which notifies of a specific, legitimate need to have access to specific
personal data. This form is the agreed procedure between Birmingham City Council
and West Midlands Police.
• A record should be kept of any personal data disclosed so that the recipient can
be informed if the data is later found to be inaccurate.

Subject Access Requests
If the school receives a written request from a data subject to see any or all personal
data that the school holds about them this should be treated as a Subject Access
Request and the school will respond within the 40 day deadline. Informal requests to
view or have copies or personal data will be dealt with wherever possible at a
mutually convenient time but, in the event of any disagreement over this, the person
requesting the data will be instructed to make their application in writing and the
school will comply with its duty to respond within the 40 day time limit.

This policy will be included in the Staff Policy Folders. Data Protection statements will
be included in the school prospectus and on any forms that are used to collect
personal data.
This policy was updated August 2012 by Kerry Grosvenor.
Reviewed on August 2012.
…………………………………………………………...
Signed:
Chair of Governors
Date:…………………………………………………….

Weitere ähnliche Inhalte

Ähnlich wie Data protection policy done

FERPA - SCASFAA 2015
FERPA - SCASFAA 2015FERPA - SCASFAA 2015
FERPA - SCASFAA 2015DJ Wetzel
 
Introduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityIntroduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityJisc Scotland
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil LibertiesUpekha Vandebona
 
Security
SecuritySecurity
SecurityNabatah
 
Data protection ppt
Data protection pptData protection ppt
Data protection pptgrahamwell
 
Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowKaley Perkins, MA
 
Student Privacy Rights: In and Out of the Classroom
Student Privacy Rights: In and Out of the ClassroomStudent Privacy Rights: In and Out of the Classroom
Student Privacy Rights: In and Out of the ClassroomChristina Gagnier
 
Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Patrick Doyle
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections actKhan Yousafzai
 
The Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School DistrictsThe Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School DistrictsDiana Benner
 
Essay On Information Technology Acts
Essay On Information Technology ActsEssay On Information Technology Acts
Essay On Information Technology ActsSandra Arveseth
 
Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1UConnPub
 
Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...Browne Jacobson LLP
 
Telecommunications policy 2010 2011
Telecommunications policy 2010 2011Telecommunications policy 2010 2011
Telecommunications policy 2010 2011Tedd Wilson
 
Education law conference, March 2017 - Nottingham - Understanding & dischargi...
Education law conference, March 2017 - Nottingham - Understanding & dischargi...Education law conference, March 2017 - Nottingham - Understanding & dischargi...
Education law conference, March 2017 - Nottingham - Understanding & dischargi...Browne Jacobson LLP
 
11.21.10 inventedstudentuseagreement
11.21.10 inventedstudentuseagreement11.21.10 inventedstudentuseagreement
11.21.10 inventedstudentuseagreementPaula Naugle
 

Ähnlich wie Data protection policy done (20)

COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for Newbies
 
FERPA - SCASFAA 2015
FERPA - SCASFAA 2015FERPA - SCASFAA 2015
FERPA - SCASFAA 2015
 
Introduction to Data Protection and Information Security
Introduction to Data Protection and Information SecurityIntroduction to Data Protection and Information Security
Introduction to Data Protection and Information Security
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil Liberties
 
Security
SecuritySecurity
Security
 
Policy 020-student-personal-information
Policy 020-student-personal-informationPolicy 020-student-personal-information
Policy 020-student-personal-information
 
Data protection ppt
Data protection pptData protection ppt
Data protection ppt
 
Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to Know
 
Student Privacy Rights: In and Out of the Classroom
Student Privacy Rights: In and Out of the ClassroomStudent Privacy Rights: In and Out of the Classroom
Student Privacy Rights: In and Out of the Classroom
 
Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015Training innovations information governance slideshare 2015
Training innovations information governance slideshare 2015
 
COPPA
COPPACOPPA
COPPA
 
Ch 17 data protections act
Ch 17 data protections actCh 17 data protections act
Ch 17 data protections act
 
The Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School DistrictsThe Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School Districts
 
4514611.ppt
4514611.ppt4514611.ppt
4514611.ppt
 
Essay On Information Technology Acts
Essay On Information Technology ActsEssay On Information Technology Acts
Essay On Information Technology Acts
 
Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1Interim ferpa-ppt-for-registrar-site-6-24-14-1
Interim ferpa-ppt-for-registrar-site-6-24-14-1
 
Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...
 
Telecommunications policy 2010 2011
Telecommunications policy 2010 2011Telecommunications policy 2010 2011
Telecommunications policy 2010 2011
 
Education law conference, March 2017 - Nottingham - Understanding & dischargi...
Education law conference, March 2017 - Nottingham - Understanding & dischargi...Education law conference, March 2017 - Nottingham - Understanding & dischargi...
Education law conference, March 2017 - Nottingham - Understanding & dischargi...
 
11.21.10 inventedstudentuseagreement
11.21.10 inventedstudentuseagreement11.21.10 inventedstudentuseagreement
11.21.10 inventedstudentuseagreement
 

Mehr von kgrosvenor

New%20 national%20curriculum%20for%20impact%202013
New%20 national%20curriculum%20for%20impact%202013New%20 national%20curriculum%20for%20impact%202013
New%20 national%20curriculum%20for%20impact%202013kgrosvenor
 
Results survey 13296552_sd
Results survey 13296552_sdResults survey 13296552_sd
Results survey 13296552_sdkgrosvenor
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2kgrosvenor
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2kgrosvenor
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2kgrosvenor
 
Michael rosen prem
Michael rosen   premMichael rosen   prem
Michael rosen premkgrosvenor
 
Victorian schools saniyah
Victorian schools   saniyahVictorian schools   saniyah
Victorian schools saniyahkgrosvenor
 
Christmas dinner poster
Christmas dinner posterChristmas dinner poster
Christmas dinner posterkgrosvenor
 
Hota byod bring your own device letter
Hota byod bring your own device letterHota byod bring your own device letter
Hota byod bring your own device letterkgrosvenor
 
Apple i pad loan agreement
Apple i pad loan agreementApple i pad loan agreement
Apple i pad loan agreementkgrosvenor
 
E saftey policy done
E saftey policy   doneE saftey policy   done
E saftey policy donekgrosvenor
 
Vision statement-for-ict-chad-vale-done1
Vision statement-for-ict-chad-vale-done1Vision statement-for-ict-chad-vale-done1
Vision statement-for-ict-chad-vale-done1kgrosvenor
 
Vision statement for ict chad vale done
Vision statement for ict chad vale   doneVision statement for ict chad vale   done
Vision statement for ict chad vale donekgrosvenor
 

Mehr von kgrosvenor (14)

New%20 national%20curriculum%20for%20impact%202013
New%20 national%20curriculum%20for%20impact%202013New%20 national%20curriculum%20for%20impact%202013
New%20 national%20curriculum%20for%20impact%202013
 
Results survey 13296552_sd
Results survey 13296552_sdResults survey 13296552_sd
Results survey 13296552_sd
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2
 
Ict mark 2013 action plan 2
Ict mark 2013 action plan   2Ict mark 2013 action plan   2
Ict mark 2013 action plan 2
 
Michael rosen prem
Michael rosen   premMichael rosen   prem
Michael rosen prem
 
Tco
TcoTco
Tco
 
Victorian schools saniyah
Victorian schools   saniyahVictorian schools   saniyah
Victorian schools saniyah
 
Christmas dinner poster
Christmas dinner posterChristmas dinner poster
Christmas dinner poster
 
Hota byod bring your own device letter
Hota byod bring your own device letterHota byod bring your own device letter
Hota byod bring your own device letter
 
Apple i pad loan agreement
Apple i pad loan agreementApple i pad loan agreement
Apple i pad loan agreement
 
E saftey policy done
E saftey policy   doneE saftey policy   done
E saftey policy done
 
Vision statement-for-ict-chad-vale-done1
Vision statement-for-ict-chad-vale-done1Vision statement-for-ict-chad-vale-done1
Vision statement-for-ict-chad-vale-done1
 
Vision statement for ict chad vale done
Vision statement for ict chad vale   doneVision statement for ict chad vale   done
Vision statement for ict chad vale done
 

Data protection policy done

  • 1. Chad Vale Primary School. Data Protection Policy The school will comply with: � The terms of the 1998 Data Protection Act, and any subsequent relevant legislation, to ensure personal data is treated in a manner that is fair and lawful. � Birmingham Education Service advice and guidance supplied in the Data Protection Advice for Schools flyer and Data Protection Guidance for Schools booklet. � Information and guidance displayed on the Information Commissioner’s website (www.dataprotection.gov.uk) This policy should be used in conjunction with the school’s Internet Acceptable Use Policy and the Freedom of Information Policy. Data Gathering All personal data relating to staff, pupils or other people with whom we have contact, whether held on computer or in paper files, are covered by the Act. Only relevant personal data may be collected and the person from whom it is collected should be informed of the data’s intended use and any possible disclosures of the information that may be made. Data Storage • Personal data will be stored in a secure and safe manner. • Electronic data will be protected by standard password and firewall systems operated by the school. • Computer workstations in administrative areas will be positioned so that they are not visible to casual observers waiting either in the office or at the reception hatch. • Manual data will be stored where it is not accessible to anyone who does not have a legitimate reason to view or process that data. • Particular attention will be paid to the need for security of sensitive personal data. Data Checking The school will issue regular reminders to staff and parents to ensure that personal data held is up-to-date and accurate. Any errors discovered would be rectified and, if the incorrect information has been disclosed to a third party, any recipients informed of the corrected data. Data Disclosures • Personal data will only be disclosed to organisations or individuals for whom consent has been given to receive the data, or organisations that have a legal right to receive the data without consent being given. • When requests to disclose personal data are received by telephone it is the responsibility of the school to ensure the caller is entitled to receive the data and that they are who they say they are. It is advisable to call them back, preferably via a switchboard, to ensure the possibility of fraud is minimised.
  • 2. • If a personal request is made for personal data to be disclosed it is again the responsibility of the school to ensure the caller is entitled to receive the data and that they are who they say they are. If the person is not known personally, proof of identity should be requested. • Requests from parents or children for printed lists of the names of children in particular classes, which are frequently sought at Christmas, should be politely refused as permission would be needed from all the data subjects contained in the list. (Note: A suggestion that the child makes a list of names when all the pupils are present in class will resolve the problem.) • Personal data will not be used in newsletters, websites or other media without the consent of the data subject. • Routine consent issues will be incorporated into the school’s pupil data gathering sheets, to avoid the need for frequent, similar requests for consent being made by the school. • Personal data will only be disclosed to Police Officers if they are able to supply a WA170 form which notifies of a specific, legitimate need to have access to specific personal data. This form is the agreed procedure between Birmingham City Council and West Midlands Police. • A record should be kept of any personal data disclosed so that the recipient can be informed if the data is later found to be inaccurate. Subject Access Requests If the school receives a written request from a data subject to see any or all personal data that the school holds about them this should be treated as a Subject Access Request and the school will respond within the 40 day deadline. Informal requests to view or have copies or personal data will be dealt with wherever possible at a mutually convenient time but, in the event of any disagreement over this, the person requesting the data will be instructed to make their application in writing and the school will comply with its duty to respond within the 40 day time limit. This policy will be included in the Staff Policy Folders. Data Protection statements will be included in the school prospectus and on any forms that are used to collect personal data. This policy was updated August 2012 by Kerry Grosvenor. Reviewed on August 2012. …………………………………………………………... Signed: Chair of Governors Date:…………………………………………………….