The Data Protection Module gives your school a solution to enable you to comply and simplify the complexity of the new GDPR requirements.

The General Data Protection Regulation (GDPR) replaces the Data Protection Regulation and which came into effect on 25 May 2018. It will affect every school that stores or processes personal information of EU citizens. This easy-to-use module will help your school to protect the information by complying to GDPR and avoiding being imposed with penalties and fines.

The Data Protection module allows you to create, configure and manage consent registers with the Consent Management feature, including capturing consent from parents at the start of the Admissions process via the Admissions Portal. It will also help to simplify the recording of information relating to any data breaches. It gives you access to a centralised area for the recording of all erasure requests and records Impact Assessments carried out. With this module you are able to maintain a record of any data protection audits and their outcomes, as well as the ability to maintain a comprehensive record of all DSAR’s from request through to completion.

Key Features
Consent Register Configuration

Create consent registers, select the data subject type(s) to which it applies and ensure valid fields are set.

View and Manage Consents

Manage consents against single data subject or bulk apply against multiple consent registers to multiple data subjects. View and maintain both data subject consent.

Capture Consent at Admission

Ability to capture consent at the time of enquiry for applicants and associated contacts.

Parental Consent

Manage parental consent when communicating with parents during the Application/Admissions process, one of the GDPR requirements.

Data Subject Access Requests (DSAR)

Providing you with an area to record DSAR requests against a data subject, including fields for status, date and other key information.

Data Breach Record

An area to record data breaches which also includes fields regarding status, nature and other important information.

Data Protection Audit

An area to execute and record the results of regular data protection audits which includes a series of questions for your data protection audit as well as fields to record DPA issues and actions.

Data Protection Impact Assessments (DPIA)

An area to store the results of DPIAs which includes fields to summarise the process being reviewed, the rationale behind the DPIA, the outcome of the DPIA as well as other pertinent fields.

Erasure requests

An area to record Erasure requests which includes fields such as the person, the date and the outcome.

Privacy Notice

A simple area to configure a URL to your privacy notice which will integrate with apps and portals to show a link to your privacy notice.

Staff Training

An area to record when and what staff data protection training was undertaken with configurable topics/courses. Includes reporting of upcoming expiring training for staff.