People Responsible for Data Protection in Schools

Most Popular

Ultimately, everyone has a responsibility in ensuring data is processed securely in a school. Staff and even students who handle personal data need to prevent it from coming into possession of anyone who hasn’t been given permission to view or process it.

There should be specifically elected individuals who are educated on data protection and who implement and uphold systems and policies.

The Senior Information Risk Officer (SIRO)

All schools should have a senior member of staff who is familiar with information risks and the school’s risk-reduction strategies. This is usually a member of the Senior Leadership Team.

The Senior Information Risk Officer must:

  • Ensure appropriate mitigations are in place to minimise risks.
  • Foster a culture that values, protects, and utilises information securely and in a way that benefits the organisation.
  • Take charge of the information risk policy and risk assessments, and ensure they are implemented by the Information Asset Owner(s).
  • Act as an advocate for information risk management.

SIROs should undertake training annually to keep their skills and capabilities up to date and relevant to their organisation. It’s essential that they have the necessary knowledge and skills to fulfil their role and ensure people’s privacy.

The Information Asset Owner (IAO)

The IAO is a member of the school community who is responsible for compiling or working with specific personal information. They must:

  • Know what information the organisation holds and for what purpose.
  • Understand how information is amended, added to, removed, or moved overtime.
  • Know who has access to the data and for what purpose.
  • Recognise how the information is retained and disposed of securely.
  • Information Asset Owners should:
  • Maintain a log of access requests made to the organisation.
  • Monitor users’ rights to transfer information to removable media, i.e. USB and external hard drives.
  • Negotiate, manage, and approve agreements on the sharing of personal information.
    Monitor access to personal information.
  • Provide an annual written assessment to the SIRO detailing the security and use of their asset.

When appointed to their position, they must undertake information management training, and retake it at least annually.

Cellphones in Schools: Unveiling the Pros and Cons

In the modern educational landscape, the cellphones in schools has emerged as a pivotal tool, offering both benefits and drawbacks to the learning environment....

Should school classes start later?

The American Academy of Pediatrics recommended in August 2014 that middle and high schools should not commence before 8:30 a.m. According to the Brookings...

5 Best English and European Schools in Luxembourg

When relocating to Luxembourg, navigating the education system can feel overwhelming, especially due to the language barrier. However, there is good news. Luxembourg offers...

Is there a future for European schools?

With many problems facing the European school system and with their humongous and inefficient bureaucracy that forgets that the main goal is to provide...

Leene Soekov shows lack of awareness about SWALS

Reply from worried parent to deputy director Leene Soekov Dear Ms Soekov, Your answer is not only very worrying but it also shows the lack of...

Another example of discrimination of SWALS students

It is unbelievable how new Mamer school management doesn't have a clue about situation of minorities in the school. New secondary Deputy Director Mrs Leene...