Search Mobile

collapse

already registered?

Please sign in with your existing account details.

Email address

Password

need to register?

Register to access exclusive content, sign up to receive our updates and personalise your experience on brownejacobson.com.

Privacy statement - Terms and conditions

Forgotten your password?

collapseSign

Browne Jacobson home

Education home

Services

Data protection and information sharing

data protection and information sharing

View our GDPR webinar - the role of the data protection officer

Find out more

You will hold, use and potentially share a wide variety of personal information about the people you employ through to your pupils and students and any third parties you are engaged with. The costs and risks of mismanaging data are high; with high fines, reputational issues and even criminal penalties should things go wrong.

The General Data Protection Regulation (GDPR), which came into effect in May 2018 superseded the Data Protection Act 1998. It revolutionises data protection and has a potentially huge impact on UK schools, academies and colleges. With it comes significant change and a culture of privacy that must be embedded within your organisation. Those in breach of the GDPR will face heavy financial penalties of up to €20 million or 4% of global turnover, whichever is highest.

Our expert team of lawyers advise and assist schools on the approach you should be taking to handling data within your organisation. We advise on all areas of information law from the implications of data protection to the Freedom of Information Act.

what we do...

Draft and review of contracts – we support our clients in drafting and reviewing contracts, licensing agreements, service agreements, privacy notices, and other policies and procedures to help ensure compliance with European data protection rules.
Developments in privacy laws and guidance - we regularly advise clients on the implications of developments in privacy laws and guidance.
Supporting data breach management - we have extensive experience of providing legal support to clients at all stages, including: preparation and prevention, training, crisis management and resolution and recovery. We have strong connections with third parties who can provide specialist non-legal support, for example, threat intelligence, IT security specialists, public relations and credit monitoring. We can manage the process to ensure a coordinated approach protected by legal privilege.
Supporting privacy related litigation - we advise clients who are bringing or defending civil actions for breach of data protection, breach of confidence and for misuse of private information. We defend clients under investigation for criminal offences related to unlawful use of personal information. We also support victims of data crime or those have acted as witnesses in criminal investigations.

The General Data Protection Regulation (GDPR) - we understand how the GDPR impacts UK businesses and are working with clients to lead efforts on their GDPR and cyber-security compliance programmes.
Training and updates - we offer bespoke on-site training on data protection and cybersecurity issues. Our wider programme of training and legal updates also enables you to stay informed on developments in privacy laws and guidance.
Responding to and undertaking law enforcement requests for access to personal data - we advise on managing requests for information from a wide range of law enforcement bodies located in the. We have advised clients on complying with mandatory and discretionary requests. In doing so, we are always mindful of the risks arising from the Freedom of Information Act.
Data protection audit - we offer a range of auditing services advising organisations on their internal approach to data protection and privacy and data breach. We manage the registration and renewal process for notifications with the Information Commissioner’s Office (ICO).

related resources

Legal updates

Receiving a freedom of information request

As public authorities, maintained schools and academies (and trusts) are required to respond to requests for information they hold under the Freedom of Information Act 2000.

View

GDPR in education - the DPO role in schools and academies

This session was aimed at those undertaking the Data Protection Officer (DPO) role in schools and academies. It focuses on making sure you are fully equipped to begin your role on 25 May and will include, knowing and disseminating your policies, staff training and raising awareness, managing Subject Access Requests (SARs) and data breaches, your training.

View

Blogs

GDPR and the Department for Education

It’s only five weeks until the General Data Protection Regulation (GDPR) comes in and many schools have complained that the Department for Education (DfE) has not done enough.

View

Upcoming webinars

GDPR in education: being the DPO and ensuring readiness for 25 May

This session is aimed at those undertaking the Data Protection Officer (DPO) role in schools and academies.

View upcoming webinars

View all

what our clients say....

Great service and lovely people. Never made to feel that I should know something when I don't!

They have excellent visibility in the market, with useful contacts and vast experience of working within our sector. They have also responded quickly to every request we have made.

what the directories say...

A client adds: 'The firm is a very efficient and effective organisation, and I often hear other colleagues around the country reflecting on the high quality of their work, guidance and support.'

Chamber 2018

The ‘highly professional and responsive’ team at Browne Jacobson LLP assists educational providers, including multi-academy trusts, with restructuring and academisation as well as providing regulatory advice and representing institutional clients in discrimination claims.

Legal 500 2017

A very impressive team with a breadth of expertise in the education sector and, more specifically, special education needs. They are very up to the minute on the latest issues arising within the education sector.

Chambers 2017

recent experience

Advising a school on the subsequent application under the Data Protection Act for sight of an allegation that a staff member had entered into a relationship with the pupil at the school a number of years earlier. We gave full support to the school, advising on the employment law issues and on the complaint by the staff member regarding the details to be noted on their personnel file.
Supported a group of schools in drafting a Memorandum of Understanding as part of the process of moving towards formal collaborations. The work has involved dealing with the sensitivities of individual schools who, whilst aware of each other in an informal way have not had the relationship of trust that includes sharing sensitive data for a greater good.
Ensuring DPA compliance when our client’s auditors raised concerns over their compliance with all the provisions of the Data Protection Act 1998.
Advising a national public body on its policy in dealing with FOI requests. The client received confidential information alleging the misuse of public money and was concerned to ensure it was able to keep the identity of those providing such information confidential.

our people

related opinions

The Data Protection Act 2018 received Royal Assent on 23 May 2018

Only limited sections of the Act will take effect immediately. Our blog provides a summary of the key information you need to be aware of now.

View blog

Extra curricular digital defence lessons

Given the shortage of cybersecurity professionals, the Department for Digital, Culture and Sport has announced that it will create a Cyber Schools programme.

View blog

View all blogs

Ros Foster

Partner

View profile

already registered?

need to register?

data protection and information sharing

View our GDPR webinar - the role of the data protection officer

what we do...

related resources

Receiving a freedom of information request

GDPR in education - the DPO role in schools and academies

GDPR and the Department for Education

GDPR in education: being the DPO and ensuring readiness for 25 May

what our clients say....

what the directories say...

recent experience

our people

Mark Gleeson Partner (Barrister)

Richard Nicholas Partner

Ros Foster Partner

Lauren Webb Associate

related opinions

The Data Protection Act 2018 received Royal Assent on 23 May 2018

Extra curricular digital defence lessons

Ros Foster

related services

information

Accessibility

Awards

Client charter

Client interest

Complaints procedure

Gender pay report 2017

Modern slavery statement

Site map

Stay safe online

Terms of business

Your information

Join our mailing lists

follow us...

already registered?

need to register?

data protection and information sharing

View our GDPR webinar - the role of the data protection officer

what we do...

related resources

what our clients say....

what the directories say...

recent experience

our people

Mark Gleeson Partner (Barrister)

Richard Nicholas Partner

Ros Foster Partner

Lauren Webb Associate

related opinions

related products

Academy conversion

Education quickcall

HR services for schools

Academies company secretarial

related services

information

follow us...