GDPR is coming - here’s how to be ready


Co-founded by Sir Bob Geldof, Groupcall has become one of the education sector market leaders in communication and data extraction tools since launching in 2002. Our product portfolio comprises of Messenger, Emerge, Alert and Xporter. 

Follow @Groupcall

Website: Email This email address is being protected from spambots. You need JavaScript enabled to view it.
Image courtesy of supplier Image courtesy of supplier

One of the undisputable diary dates for this scholastic year is 25th May 2018 – when the new data protection regulation will become enforceable. The General Data Protection Regulation (GDPR) replaces the Data Protection Act, which was based on European legislation passed in 1995. Since then, the world of personal data has changed beyond all recognition so the rules needed a significant overhaul. This now means that schools have to go through a robust process to ensure compliance in time for the deadline.

Fake news?

Almost everywhere that GDPR is mentioned, people are quick to highlight the massive fines set to be imposed for the slightest infringement of the new rules. This recently prompted the Information Commissioner to publish a series of blogs aiming to debunk the ‘fake news’ surrounding GDPR.

Yes, the GDPR does provide potential for increased penalties – but these are for major breaches affecting large numbers of data subjects and which cause huge issues for those affected. These fines will not be imposed for minor infringements any more than the current maximum fine under the DPA is ever used.

It’s certainly true that there’s a lot to take on board with the new GDPR. For example, it stipulates six principles that organisations must adhere to when processing personal data, to ensure that it is:

  1. Processed fairly, lawfully and in a transparent manner.
  2. Used for specified, explicit and legitimate purposes.
  3. Used in a way that is adequate, relevant and limited.
  4. Accurate and kept up-to-date.
  5. Kept no longer than is necessary.
  6. Processed in a manner that ensures appropriate security of the data.

It’s important, when preparing for the GDPR, not to lose sight of what this law is about: delivering greater transparency, enhanced rights for employees and pupils and increased accountability.

Remember, whilst GDPR is bringing in a number of changes and will be the most robust data protection legislation we have ever seen, it is also an opportunity to ensure your school is proactively protecting the sensitive information it holds.

Helping Schools Prepare for GDPR

Groupcall has been working hard to help schools prepare with the minimum of fuss. Firstly, we are running CPD-certified training courses to support the journey to compliance. To find out more, visit

Secondly, we would encourage you to take a look at GDPRiS – a complete GDPR management solution specifically developed for schools. It helps document data flows, map and audit personal data and prompts the use of SAQs. It helps guide all school staff to a new level of data protection understanding. For more information head to

While there is a great deal to be done, if your staff have undertaken GDPR training, keep good records of policies, procedures and contracts with suppliers, conduct data protection impact assessments and take thorough risk minimisation measures, you’ll be well on your way to compliance.

[Taken from The GDPR Compliance Ebook, which can be downloaded in full from]

Visit or contact [email protected] / 020 8506 6100 for more information.


Get articles like this every week 


We promise to protect your personal information. Read our privacy policy.

In order to make our website better for you, we use cookies!

Some firefox users may experience missing content, to fix this, click the shield in the top left and "disable tracking protection"