So, exactly how will the GDPR compliance affect how you do your work?

[DrMadelineMaxwell]

Still waiting for the actual info to be filtered down to us plebs at ours, but some stuff has been hinted at.

Double check who you are calling, ie don't not call the emergency contact first
-situation this week

Luckily I accidentally sent the wrong email to the wrong parent a few days BEFORE this thing kicks in, so profuse apologies sufficed.

Be very careful when forwarding/sending emails of the auto recognition in your email application. Several months ago I as a parent received the pupil premium details for all students at my dc's establishment as the sender had recently emailed me regarding my dc and the start of my email address was the same as a governor that was the intended recipient of the information.

What about the pupils' books? I've heard that we won't be allowed to take them home to mark them and that pupils won't be having their full name written on them either, just first name and initial.

I dont see why a governor would details of all pupils on pupil premium, so that for starters.

Numbers, yes, and ££ it brings to the school. But not pupils' names.

I am a governor.

Emailed all alumni on our mailing list to confirm they are happy to hear from us (school newsletter).

Email all Year 13 to confirm they will be happy to hear from us in future.

Other bits & pieces. It's a grey area in some respects so we are doing what we think is right...

My school will probably get round to it after someone questions their breach of it. They are not the most proactive.

A lot of these things would be issues already under the current legislation and are not related to GDPR, e.g making sure you are phoning/e-mailing the right person.

Not writing names on books sounds bonkers. What next, not naming the children at all? Maybe we could give them an inmate number instead

We think it's bonkers too. I await to be told officially if that's the way it's been interpreted by our LEA or not.

If I can't take books home to mark then I can't mark! No time on work!

Might have been on here that I read that any pupil data (which I presume included assessment/test results) taken home, had to be in encrypted form??
If I only even knew what that was, let alone how to do it.

In work!!

We're only supposed to take data home in encrypted form. Reality means logging on to the school server from home which isn't the end of the world. We seem to have a balance of common sense v legislation in our place. I've heard some horror stories though.

USB sticks have been banned. OneDrive for everything now.

USB sticks have been banned. OneDrive for everything now

Because Microsoft have never leaked data!

I know, right CDTaylor?

There's a lot of hysteria and misinformation around. It's crap that you can't take books home - your school perhaps needs to give guidance about home working, but that's it. It's all about risk assessment - there's very little that's concrete about what you're not 'allowed' to do under GDPR - it's all about the school assessing its practices, deciding what the risks are for all these practices, and then deciding whether the practice is going to be changed or not. And in most cases it won't need to be. It's like all the crap about not being allowed visitor books any more - absolute nonsense. The problem is that all the misinformation over trivial stuff is obscuring the really big issues - for example that some parents will be quite possibly submitting 'subject access requests' where they ask for copies of all data the school holds about them (they could do this before but are more likely to do it now). So it's important to be incredibly mindful about how you refer to a child or a parent in any communication in any form. Otherwise, one of the big things is never using an unencrypted USB stick or an unencrypted laptop.

I work in the community rather than in a school and we’re not allowed to carry any children’s addresses with us... so how are we meant to find them then?? 🙈

In all seriousness I do worry though as I have to carry information with me in order to do my job. For example, today I needed some information to do a CAF so I had to collect it from the parent to fill in later on my computer ( council computers are far to slow to try and set up at their house). I guess all I can do is try to use code (eg initials) and destroy the data as soon as it is inputted onto the form.

Oh and also I can’t print at home so have to travel 45 mins to the office to do it!

How do you encrypt a memory stick then? (Briefly!)

Does ‘encrypt’ just mean ‘password protect’?

Ah right! I could do that.

I think.

I'm no expert, but I think the easiest way to have an encrypted USB stick is to buy a ready-encrypted one. They're about twenty quid on Amazon. (Something else that schools have no budget for!!). I think you can encrypt them yourself but it's complicated. Trialsmum, as I say I'm no expert, but I think in your case you'd have to think about what information you absolutely have to have with you to perform your job, and then if you have to have that information with you, then you have to think about the best and most secure way of carrying and storing it. And most importantly, document whatever thought process you went through and why you reached the decision you did. The thing that people are going to get in big trouble for is not thinking about it in the first place, or not following the procedures you've put in place (ie if your school writes a policy on using data at home but then you don't follow it, then it's your fault if something goes wrong - if you follow the procedure but something happens anyway, then it's much less of a problem/not your fault).

Not a teacher but work with young people, you should be able to use winRar to make an encrypted zip file to carry on a USB drive and decrypt at the other end.