You are here:

Data protection officer: who can it be?

Ref: 34232
Last updated on 21 June 2018
School types: All · School phases: All
In-depth article
Schools must appoint a data protection officer (DPO) from May 2018 under the GDPR. There’s little authoritative, practical guidance on how to do this in a school, so read on for our experts’ recommendations on who to appoint depending on your context.

Article tools


  1. 1 What are your options?
  2. 2 Small schools
  3. 3 Medium to large schools
  4. 4 MATs and federations

Article features

  • 1 download
  • 10 external links

More from The Key

CPD Toolkit Fresh

CPD Toolkit makes it easy to run training in-house

Covering a wide range of topics, including differentiation, assessment, SEND and growth mindset, CPD Toolkit has been created by subject experts and tested by teachers to guarantee practical, engaging training that's also excellent value for money.

The Key has taken great care in publishing this article. However, some of the article's content and information may come from or link to third party sources whose quality, relevance, accuracy, completeness, currency and reliability we do not guarantee. Accordingly, we will not be held liable for any use of or reliance placed on this article's content or the links or downloads it provides. This article may contain information sourced from public sector bodies and licensed under the Open Government Licence.