Information Governance and Data Protection Officer (DPO) Service

The General Data Protection Regulation (GDPR) came in to effect on the 25th May 2018. GDPR brings additional rights to individuals and additional responsibilities to organisations that process personal data.  One of the regulations is to have a mandatory Data Protection Officer (DPO) that is responsible for overseeing the school’s compliance with GDPR.

Our Information Governance Service offers the following:

● Outsourced nominated Data Protection Officer (DPO) service
● Training for school staff/volunteers and governors
● Liaison between school and the Information Commissioner’s Office (ICO)
● Management of Data Protection breaches
● Management of Freedom of Information and Subject Access Requests
● Drafting and publication of data protection and privacy notices

*We offer two packages for Information Governance (IG).  A Standard IG Service and an Enhanced IG Service.

Summary of Standard Information Governance Service

• Qualified, experienced named Data Protection Officer (DPO)
• Provide Information and advice on compliance with GDPR and related data protection legislation.
• Review of existing data protection related Policies, Procedures and Privacy Notices.
• Provide training for staff/volunteers/governors ( max 4 hours )
• Advise on the necessity of a Data Protection Impact Assessment (DPIA) the manner of its implementation and potential outcomes.
• To act as the lead contact for communications with the Information Commissioner’s Office (ICO).
• Advise and support on the management of Data Protection breaches.
• Drafting of all necessary Data Protection related
• Policies, Procedures and Privacy Notices

Enhanced Information Governance Service

In addition to all the items listed in the Standard service, the Ehanced Service offers the following:
• Provide training for staff/volunteers/governors for a maximum of 8 hours (instead of 4 hours)
• Review, Monitor and advise on the School’s record of data processing activities.
• Manage all requests to the school under GDPR – including Onsite scanning (max 10)
• Review, Monitor and advise on the School’s record of data processing activities.
• Manage all requests to the school under GDPR – including Onsite scanning (max 10)
• Conduct an annual audit of your data processes and provide a report on findings for senior management or Governors.
• Manage all requests under Freedom of Information (FOI) (Max 10)
• Manage all requests under Subject Access (SAR) (Max 10)
• On site support to move towards electronic records and upload to RM Integris
• Lessons to students on the use and importance of the security of their personal data
• Manage all requests under Environmental
• Information regulations (Max 10)

Costs

 NurseryPrimarySecondary
Standard IG Service*
Enhanced IG Service*

Ad Hoc (per FOI/SAR/EIR): £250

*Discounts available for multi-site schools/academies and existing schools subscribing to Connetix services – please contact ig@connetix.co.uk for further details.

“The service is brilliant. It enables the school to spend more time teaching whilst assured that a qualified person is dealing with the GDPR and Information Governance regulations” – Primary School Headteacher, London E1.

Louise Manthorpe

Director of IG & DPO Consultant

My name is Louise Manthorpe, I am a qualified Data Protection Professional (NADPO) with over 10 years experience managing Information Governance for the Police and Social Care services.  I am also a member of the Information and Records Management Society (IRMS).

If you have any questions about me or the IG Service at Connetix, please dont hesitate to contact me at IG@Connetix.co.uk