This service has been specifically created to offer independent schools that are members of ISBA a cost effective but extremely thorough alternative to a full data protection audit. Think of it as an audit “lite” but at the fraction of the cost of an audit.
The aim of the health check is to determine and assess the School’s level of compliance with the main requirements of the European General Data Protection Regulation (GDPR) and the Data Protection Act 2018. If your School carries out digital direct marketing, then we will also assess its compliance with the relevant provisions of the Privacy and Electronic (EC) Communications Regulations 2003 (PECR).
- Exclusively for ISBA members
- Developed and tested by a data protection lawyer in partnership with ISBA
- Designed to complement the ISBA Data Protection Toolkit for Schools
- Deployed by a lawyer with specific experience auditing independent schools
- Includes a review of key data protection policies, Privacy Notices, consent mechanisms, Images Policy and Data Breach Protocol etc.
- Identifies key “high risk” areas of processing including medical, health and safeguarding personal data
- Systematically reviews the processing of personal data of both pupils and staff (including prospective, current and past) across all main school functions from Admissions through to Alumni
- Includes a review of marketing, fundraising, development and alumni
- Includes a data protection review of IT and your relationship with certain Processors
- You will receive a detailed written compliance Report including our Recommendations
- Includes an optional 1 day visit to your school
- £3000 including Vat and up to 1 nights overnight accommodation for the reviewer
For more information see “What to Expect from our Data Protection Health Check” and FAQs. For an Order Form see “ISBA Health Check Order Form”