We will ensure that under the Data Protection Act 1998 all school personnel are able to access their personal data that is held about them. We believe it is our duty to respond to any request of access within 40 days.
We aim to protect the right of school personnel to privacy in line with the Data Protection Act 1998.
We believe that all personal data covered by the Data Protection Act 1998 includes the school admission register, attendance registers, curricular records, assessment data, class lists, reports to parents, disciplinary records, school personnel files, financial information, and strategic and improvement plans.
We aim to fulfil our obligations under the Data Protection Act 1998.
We as a school community have a commitment to promote equality. Therefore, an equality impact assessment has been undertaken and we believe this policy is in line with the Equality Act 2010.
To allow all school personnel their right to have access to their personal data.
To protect all school personnel’s right to privacy in line with the Data Protection Act 1998.
To work with other schools to share good practice in order to improve this policy.
Role of the Governing Body
The responsibility to comply with the legal requirements of the Data Protection Act 1998;
Delegated powers and responsibilities to the Headteacher as ‘Data Controller’ for the school;
Delegated powers and responsibilities to the Headteacher to ensure all school personnel and stakeholders are aware of and comply with this policy;
Responsibility for ensuring that the school complies with all equalities legislation;
Responsibility for ensuring funding is in place to support this policy;
Ensuring this policy and all policies are maintained and updated regularly;
Responsibility for ensuring all policies are made available to parents;
Responsibility for the effective implementation, monitoring and evaluation of this policy
Role of the Headteacher and Senior Leadership Team
Ensure the school complies with the Data Protection Act 1998 and the eight data protection principles;
Ensure security measures and confidential systems are in place to protect personal data and pupil records;
Ensure all personal data is accurate and that inaccurate data is corrected or erased;
Ensure that at the beginning of every academic year all school personnel will have access to their personal data;
Ensure procedures are in place to deal with requests for access to personal data;
Ensure school personnel are aware of their rights;
Ensure school personnel are aware of their responsibilities
Provide leadership and vision in respect of equality;
Provide guidance, support and training to all staff;
Monitor the effectiveness of this policy;
Report to the Governing Body on the success and development of this policy
Role of School Personnel
Comply with all aspects of this policy;
Follow the safe and confidential system procedures that are in place to protect personal data and pupil records;
Receive a copy of their personal data at the beginning of every academic year:
Check this data and will inform the Data Controller of any mistakes;
Apply in writing for access to their personal data;
Comply and respect confidentiality of personal information when involved with interviewing new school personnel;
Inform the school and the Local Authority of any changes to their personal data
Implement the school’s equalities policy and schemes;
Report and deal with all incidents of discrimination;
Attend appropriate training sessions on equality;
Report any concerns they have on any aspect of the school community
Data Protection Principles
Personal data must:
be processed lawfully;
be obtained and processed for specific and lawful purposes;
be sufficient, appropriate and not excessive in relation to the precise purpose;
be accurate and up to date;
not be kept for a great length of time;
be processed in agreement with the individual’s legal rights;
be protected against unlawful processing, accidental loss, destruction or damage;
not be transferred outside the EU unless the rights and freedom of the individual is protected
We work in conjunction with the Local Authority Code of Practice to ensure that computers and servers comply with all up to date Government regulations and are secure with:
fire wall software;
All school personnel are trained to:
be discreet and confidential;
consider the safe and secure positioning of computers;
back up data;
turn off computers when not in use;
remember password access;
lock filing cabinets and doors to offices;
shred confidential material;
clear their desk before they leave school
Disclosure of Data
Personal data cannot be disclosed to a third party without the consent of the individual except when it is legally required.
Requests for Access to Data
All requests from school personnel for access to their data must be made in writing on headed paper and sent to the data controller.
Rights of Individuals
Individuals have rights to:
know when their data is being processed, the reason it is being processed and the name of the person or organisation requesting the information;
prevent processing which could be harmful to them or others;
prevent the processing of their performance management records;
go to court to prevent inaccurate data being used;
be compensated if a data controller contravenes the Data Protection Act;
stop data being processed for direct marketing
Individuals are not entitled to:
copies of their references;
information on pay reviews;
examination results until they have been released
Any member of the school personnel who disputes any aspect of their personal data with the Data Controller has the right to take up the matter under the school’s formal grievance procedures.
Periodic training will be organised for all school personnel so that they are kept up to date with new information and guide lines concerning equal opportunities.
This policy will be reviewed when necessary.