Information governance advice for schools
All schools in Devon are individually responsible for ensuring that they comply with the requirements of the General Data Protection Regulation (GDPR) the Freedom of Information Act (FOIA) 2000.
If you are unclear about your obligations under either legislation or would like more specific support with a particular Information Governance issue or request, please contact the Information Commissioner’s Office on 0303 123 1113.
Devon County Council is not legally obliged to provide support to schools or academies to assist them with enquiries under information disclosure legislation. However, to assist schools the council has compiled the following guidance.
General Data Protection Regulations
General information on the new regulations is available from:
- Devon County Council
- Information Commissioners Office
- General Data Protection Regulations – printable guide
More specific help is available via the information on the links below:
Devon County Council has also produced a Photography and filming in schools Code of Practice.
The Council has also produced a series of template policies to help schools meet their obligations under the GDPR. These policies are available for schools to download and adapt below:
- Data Protection Policy
- Data Subject Rights Procedure
- Information Assurance Policy
- Privacy Impact Assessment Procedure
- Security Incident Management Policy
- Security Incident Management Procedure
To help schools comply with their obligations to ensure contracts have sufficient data protection controls, the County Council has produced a template GDPR data processor agreement. This should be used as an addendum to any existing contracts which schools with contractors who process personal data on their behalf. These standard terms are available from the link below:
Freedom of Information Act 2000
|Obligation||Published guidance||More information|
|Apply exemptions appropriately||Refusing a Request – Devon County Council||Information Commissioner’s Office|
|Maintain a publication scheme||Read the ICO’s guidance on Publication schemes||Contact the Information Commissioner’s Office on 0303 123 1113|
|Refusing a request appropriately||Read the ICO’s guidance on Refusing a request||Contact the Information Commissioner’s Office on 0303 123 1113|
|Respond to requests within 20 working days||Read the ICO’s guidance on Handing a request||Contact the Information Commissioner’s Office on 0303 123 1113|