recent work

ICO report urges schools to ensure data protection law compliance

An ICO-written report has been released today, aiming to help schools ‘ensure they are handling pupils’ personal information in-line with the law’ – and gives practical advice on how to comply with the Data Protection Act.

It was prompted by a survey of 400 schools across nine local authority areas that showed that whilst awareness of data protection laws was generally good, schools need to pay more attention to complying with data protection law.

The survey showed 95 per cent of schools provided some information to pupils and parents about what was done with personal information.

But a third of schools with password-protected computer systems conceded the passwords were not necessarily strong enough and not changed regularly, with 20 per cent admitting email systems were not secure.

Louise Byers, ICO Head of Good Practice, helped draft the report: “The survey results showed that whilst awareness of the law was broadly good, knowledge on how to comply with it wasn’t always there. In many respects that should come as no surprise – it’s not teachers’ area of expertise – and it is precisely what our report is aiming to address.

“I’d urge teachers and heads to take a look at our recommendations and make sure they’re complying with the law. The sensitive personal data that schools handle means it is crucial they get this right, and we hope the ICO’s report will help them achieve that.”