Data protection

From InsightWiki
Revision as of 13:53, 29 August 2017 by Admin (talk | contribs)
Jump to navigation Jump to search

As of 25th May 2018, the General Data Protection Regulation will come into force throughout the EU. "The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC ... "
http://www.eugdpr.org/

The GDPR requires that organisations have a legal basis for processing personal data of individuals (referred to as Data Subjects). There are several bases for processing the personal data of Data Subjects, including the unambiguous consent of the Data Subject to do so. Organisations must prove that they have a legal basis for processing personal data, or otherwise face fines.

The Data Protection report in Insight is designed as an aid for schools to prove they have a legal basis to process personal data about staff, students and students' contacts (hereafter referred to as parents, although the contacts may not actually be parents). Each type of data stored by Insight is listed on the Data Protection report. The Data Controller(s) of the school can select any of the GDPR legal bases for processing that data, using the Data Protection report.

The Data Protection Report

The Data Protection report in Insight lists each item of data stored by Insight, regarding various stakeholders. The Domain lists the type of person whose data is stored/process and the Field explains exactly what data is stored/processed.

DPreport.jpg