You are here:
GDPR audit
Audit your current data processing arrangements to make sure they comply with the GDPR and meet best practice. Check your records management practices and find out if you’re storing physical and electronic copies of personal data securely.
- 'Cheat sheet' for data protection officers
- Child protection records: transfer guidance
- Data protection impact assessments
- Data protection impact assessments: template and checklist
- Data protection officer: who can it be?
- Data sharing agreements
- DPO's report to governors: template
- DPOs: what your school must do for you
- Email security: sending personal data
- Freedom of information: responding to requests
- GDPR: at what age can pupils give consent?
- GDPR compliance for visiting staff
- GDPR: ensuring your suppliers are compliant
- GDPR jargon buster
- GDPR: managing your photo archives
- GDPR mythbuster
- GDPR: personal data breach procedure
- GDPR: seeking consent for processing personal data
- GDPR: sharing medical information
- GDPR: sharing safeguarding information
- GDPR: template record of processing activities
- GDPR: using apps and online services with pupils
- Help your staff understand the GDPR: posters and handout
- How to choose which ‘lawful basis’ to use under the GDPR
- How to comply with the General Data Protection Regulation
- How to respond to subject access requests in the summer holidays
- Information audit: template
- Parents' right to see their child's educational record
- Poll results: how is the DPO role taking shape?
- Poll results: who are schools choosing as their data protection officer?
- Pupil records: transferring to other schools or providers
- Recording and managing consent under the GDPR
- Requests for information: guidance and template record
- Requests from parents to see pupils' information: FAQs
- Schools' reporting requirements
- 'Special category' data under the GDPR
- Subject access requests: guidance and template forms
- Taking and displaying pupil photos and information
- Taking documents home: securing personal data
- The General Data Protection Regulation explained
- QuickRead: The General Data Protection Regulation (GDPR)
- The role of the data protection officer (DPO)
- Using personal devices: securing personal data
More from The Key

Pupil mental health: deepening understanding
Are you looking to deepen your staff's understanding of mental health, including anxiety, depression, self-harm and suicidal ideation? Safeguarding Training Centre has the resources you need.
Evidence-led training courses that make it easy to upskill staff, anytime, anywhere.
CPD Toolkit is the most effective way to virtually deliver evidence-led training and support the professional development of your staff. Downloadable courses and online 5-minute summaries provide flexibility for training, whether staff are participating as skeleton staff in-school, via video call or individually at their own pace.
- In the news: Your weekly round-up for 8 - 15 January 2021 15 Jan 2021 08:00
- In the news: Your weekly round-up for 1 - 8 January 2021 8 Jan 2021 08:00
- Need-to-know: DfE publishes partial closure guidance 7 Jan 2021 16:36
- In the news: Your weekly round-up for 11 - 18 December 2020 18 Dec 2020 08:00
- Need-to-know: Have your say on changes to Keeping Children Safe in Education (KCSIE) 11 Dec 2020 08:47
The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence v3.0.