A few data protection compliance considerations for the new term

High importance!

The GDPRiS team continuously monitor what is happening in the data protection arena to ensure our users are up to date with the latest news. There are potential GDPR compliance concerns to bring to your attention with which a new partner can help.

We’re delighted to announce that we have partnered with a new on-call incident response and management solution called teamSOS. Designed to safeguard staff and students during incidents teamSOS bring the right people together to ensure a smooth return to learning as soon as possible. Here are some data protection incidents where teamSOS can help.

1. Is your school using WhatsApp to communicate with staff?

Last week Ireland’s data privacy watchdog imposed a record €225 (£193m) fine on WhatsApp for violating EU data protection law; the same law adopted by the UK. WhatsApp was a convenient tool that appeared to meet the needs of schools during the pandemic. However, WhatsApp makes it very clear in its terms and conditions that it is not a professional communication tool and shouldn’t be used for business purposes. If your school is using it to discuss school business, you are compromising your ability to comply with the GDPR. You are NOT the data controller and can only rely on WhatsApp’s Ts&Cs as to how your data is managed.

2. Are you using walkie-talkies to respond to and manage incidents?

Walkie-talkies may bring their own issues. Anyone who is not entitled to hear a conversation must not be given the opportunity to do so, and can you be sure no-one else is listening into your conversations on the same channel? Even the most basic data, such as name, must never be overheard. Whilst a walkie-talkie does not store personal data and is not directly covered by the GDPR, it does bring privacy concerns.

3. What are your communication processes during Cyberattacks?

Sadly, Cyberattacks are becoming more frequent in schools. There have been reports of schools being locked out and crippled, with no access to their data. The National Cyber Security Centre put out an alert to schools, colleges and universities in March 2021 warning of a rise in ransomware attacks and there has been no let-up since then.

Have you considered how you will communicate to staff if you no longer have access to the email system or the internet to use Teams or Zoom? Your technical team must be given highest priority to secure the personal data you hold and it is important to keep everyone informed of events and what they should do.

Some key features of teamSOS

  • A simple ‘call for help’ button for every member of staff
  • Response team ‘hunt groups’, ensuring immediate specialist support
  • In-the-moment guidance, with school-specific in-app task lists and first-aid videos
  • Secure messaging to ensure your data is protected and that you have control over who can or can’t access it
  • Push-to-talk technology, putting walkie-talkie style functionality in the hands of all staff
  • Speech-to-text technology ensures privacy when others are around

Talking about their use of teamSOS, the Headteacher at Heron Way Primary School commented “teamSOS has provided a very clear message to our staff that their safety matters. The app has sped up our response time and is creating a safer learning environment at Heron Way”. Headteacher, Heron Way Primary School

There is a discount to all GDPRiS customers that purchase an annual subscription and the opportunity of a free trial so you can try before you buy!

Sign up for a free trial.