The General Data Protection Regulation (GDPR), replaces the existing Data Protection Act on May 25th 2018. Organisations who do not comply can be fined €20 million or 4% of their global annual turnover, whichever is higher.
Schools will need to closely examine many parts of their operation in order to ensure they are compliant, but one often overlooked aspect is how GDPR can be accommodated by a school's online safeguarding processes.
[This article was originally published in September 2017]
One year ago, the current safeguarding statutory guidance for schools and colleges came into effect. The Department for Education's Keeping Children Safe in Education commenced on 5 September 2016, replacing the previous July 2015 edition.
The new guidance extended some responsibilities to colleges, where they had previously only applied to schools. It also added useful signposts to other, related, guidance and generally sought to clarify the previous version.
Recently, a few of our customers have upgraded their internet connections. Wanting to test the shiny new connections and demonstrate that they were money well spent, they went to speedtest.net and were disappointed to discover that the reported speeds were unexpectedly low when the traffic was routed through their Opendium Iceni web filter. We ended up fielding a few support calls relating to this, and after some investigation discovered that the low speeds being reported were largely due to flaws in the speedtest.net application.
For effective safeguarding, it is not enough to just filter the internet. Identifying which user is responsible for each web request is extremely important, as this allows for filtering to be tuned to the individual users, and for reports to be used effectively to address abuses and concerns with the individuals involved..