Welcome to our February bulletin. We have been very busy over the past few months working on a number of projects to improve our capacity for you so we have a bumper edition of the bulletin this month! Key topics include:


  • DfE Privacy Information Updates
  • ICO Guidance for Educational Settings
  • DfE Technology Standards in Education
  • Data Protection in the News
  • Regulatory Updates and Resources
  • Latest SchoolPro TLC Information (including new privacy notices and DPIAs)

Cyber Security Training Reminder
The Risk Protection Arrangement (RPA) has issued a reminder that all member schools should ensure their staff complete Cyber Security training annually. This initiative underscores the increasing importance of safeguarding our digital environments against potential threats. Ensure your school’s compliance by scheduling or updating your training programs.

DfE Privacy Information Updates
The Department for Education (DfE) has recently published and updated several privacy information guidelines:

These privacy notices have all also had their first update. These changes include details on the retention of Deeds, data use for case studies, and the DfE Sign-In process.

Additionally, the DfE’s Personal Information Charter has been updated. Key updates include:

  • Expanded sections on ‘How we use your information’ with links to new privacy notices.
  • Clarifications on ‘Storing your personal information outside the UK’.
  • New sections on ‘Automated decision making and profiling’ and a new ‘Records and Information Management Policy’.

These updates won’t impact on your own school privacy notices.

ICO Guidance for Educational Settings

  • The ICO provides specific data protection tips for early years settings, crucial for ensuring the privacy and security of the youngest in our care.
  • Clarifying information requests can be complex. The ICO’s recent guidance helps demystify this process, ensuring your school responds correctly and efficiently. Learn about clarifying information requests.
  • Updated guidance on Freedom of Information (FOI), Environmental Information Regulations (EIR), and personal data has been released. Understanding these updates is vital for handling requests appropriately. Review the updated guidance.

DfE Technology Standards in Education

ICO Campaigns and Initiatives
A new ICO campaign promotes sharing data to safeguard children. This initiative emphasizes the importance of using data responsibly to protect the well-being of students.

DfE Daily School Attendance – Data Protection Impact Assessment (DPIA) Update
The guidance for sharing daily school attendance data has been updated, including the DPIA. This is for information and we will update if there are any specific actions required for schools.

Data Protection in the News
Recent incidents highlight the importance of robust data protection measures:

  • PSNI Data Breach underscores the serious consequences of data breaches.
  • The ICO has fined the Ministry of Defence over an Afghan evacuation data breach. This incident highlights the severe consequences of data mishandling and underscores the necessity of stringent data protection measures. Read more about the case here.
  • To BCC or Not BCC: A discussion on the risks and proper use of BCC in email communications.

Regulatory Updates and Resources

Financial Management Systems (FMS)
The FMS comparison matrix has been updated. Check the ‘Change log’ tab for detailed updates and ensure your system aligns with current standards.


Latest SchoolPro TLC Information

  • We have expanded our team! We have recruited a new Data Protection Officer (Sonia) and new administrative assistant (Teri) to increase our capacity for our schools. We are also looking out for another new Data Protection Officer as we continue to grow!
  • Our templates for Pupil & Parents Privacy Notices have been updated, including a new link to the National Pupil Database (NPD) privacy notice. Ensure your school’s notices are up to date by using the latest templates on our portal.
  • We have added another of our recent guidance and update blogs to the ‘Guidance’ folder of Global Documents as a downloadable pdf that can be shared with staff:
    • 📚 Handling Freedom of Information Requests
  • We’ve also recently added the following document to the portal in Global Documents:
    • Child Friendly Privacy Notice for Primary Pupils: This is a short version of the main Pupil and Parents Privacy Notice that has been written in language that should be accessible to KS2 children. Further adaptation would likely be needed to be suitable for KS1 children.
    • Privacy Notice for Supplier Contacts
    • DPIA for the use of Biometric Data (for example, fingerprints for cashless catering) using the IRIS FasTrak and BioStore system
    • DPIA for the use of CloudForEdu – Free School Meals Eligibility Checker
    • DPIA for the use of Doublestruck – Testbase and ExamPro
    • DPIA for the use of Doublestruck (Testbase Only)
    • DPIA for the implementation and use of Operoo


  • As mentioned in previous communications, we are pleased to inform you that we have organised a complimentary advisory session in partnership with Peninsula UK for our clients who may be facing challenges or have issues regarding HR, employment law, and health and safety matters.

    Get Complimentary Advice From The Market Leading HR and H&S Provider.

Further information on a range of data protection topics is available on our blog.

If you have any other questions, please contact us at DPO@schoolpro.uk.

Looking forward to a great academic year ahead!


SchoolPro TLC Ltd (2024)

SchoolPro TLC guidance does not constitute legal advice.

SchoolPro TLC is not responsible for the content of external websites.