Cybersecurity Resources and Guidance Jan 2023
- Meeting digital and technology standards in schools and colleges October 2022 TABLE.pdf
- GDPRis Guidance to access NCSC all staff training.pdf
- Cyber security standards for schools and colleges October 2022.pdf (Summary)
DFE Data Protection Guidance
Data Protection Inset Training Resources Autumn 2022
- PowerPoint Show Data protection & Cybersecurity inset 2022 V5.ppsx
- Link to Video https://my.uso.im/mydrive/1c11a7387f8a45fb97d0098c8136805c/Data-protection--Cybersecurity-inset-2022-V5
Data Protection Impact Assessment (DPIA)
- Do we need to do a DPIA? DPIA Flowchart v2.pdf
- DFE Data Protection Impact Assessment Template.docx
- Schools DPIA-template.docx
Privacy Notices
- General Privacy Notice.docx
- LBM Privacy Notice - Pupils Primary.docx
- LBM Privacy Notice - Pupils Secondary.docx
- LBM Privacy Notice - Pupils PRU.docx
- LBM Privacy Notice - School Workforce.docx
- LBM Privacy Notice - Governors and Volunteers.docx
- COVID-19 Testing Privacy Statement .docx
Policies
High Level Data Map Template
Awareness campaigns and posters
Breach Management Protocol
Subject Access Requests
All subject access requests should be recorded in GDPRis.
- Accessing Data in SchoolsV1.pdf
- Person Data Output - Running SIMS SAR report.pptx
- Acknowledgement of Receipt.docx A form for the requestor to sign if they choose to collect the documents from school.
- Guidance for Schools who have received a subject access request.docx
- Schedule 2 Part 1(2) Disclosure Form and Guidance.docx Form to formalise data request from law enforcement agencies.
Data Protection Governor Guidance
Own Device Toolkit (if you choose to allow use of home computers/devices for school business)
Data Protection Risk Register
CCTV
Biometric Data Policy
- Biometric Data Policy V1.docx
Freedom of Information
Retention Schedule and Records Management
- Updated December 2022: Merton Schools Retention Schedule 2022.pdf
- Records Management Policy 2020.docx