The Data Protection Module gives your school a solution to enable you to comply and simplify the complexity of the new GDPR requirements.
The General Data Protection Regulation (GDPR) replaces the Data Protection Regulation and will come into effect on 25 May 2018. It will affect every school that stores or processes personal information of EU citizens. This easy-to-use module will help your school to protect the information by complying to GDPR and avoiding being imposed with penalties and fines.
The Data Protection module allows you to create, configure and manage consent registers with the Consent Management feature, including capturing consent from parents at the start of the Admissions process via the Admissions Portal. It will also help to simplify the recording of information relating to any data breaches. It gives you access to a centralised area for the recording of all erasure requests and records Impact Assessments carried out. With this module you are able to maintain a record of any data protection audits and their outcomes, as well as the ability to maintain a comprehensive record of all DSAR’s from request through to completion.
Consent Register Configuration
Create consent registers, select the data subject type(s) to which it applies and ensure valid fields are set.
View and Manage Consents
Manage consents against single data subject or bulk apply against multiple consent registers to multiple data subjects. View and maintain both data subject consent.
Capture Consent at Admission
Ability to capture consent at the time of enquiry for applicants and associated contacts.
Manage parental consent when communicating with parents during the Application/Admissions process, one of the GDPR requirements.
Data Subject Access Requests (DSAR)
Providing you with an area to record DSAR requests against a data subject, including fields for status, date and other key information.
Data Breach Record
An area to record data breaches which also includes fields regarding status, nature and other important information.
Data Protection Audit
An area to execute and record the results of regular data protection audits which includes a series of questions for your data protection audit as well as fields to record DPA issues and actions.
Data Protection Impact Assessments (DPIA)
An area to store the results of DPIAs which includes fields to summarise the process being reviewed, the rationale behind the DPIA, the outcome of the DPIA as well as other pertinent fields.
An area to record Erasure requests which includes fields such as the person, the date and the outcome.
A simple area to configure a URL to your privacy notice which will integrate with apps and portals to show a link to your privacy notice.
An area to record when and what staff data protection training was undertaken with configurable topics/courses. Includes reporting of upcoming expiring training for staff.