Schools & Education GDPR, DPO & Safety Compliance

Appointment as your school's external Data Protection Officer (DPO) — a legal requirement for all state schools, academies and MATs under Article 37 of UK GDPR. We monitor compliance, advise on DPIAs for new systems (MIS, CCTV, biometrics), manage subject access requests and FOI requests, handle ICO correspondence, deliver staff training and produce annual compliance reports for governors. A cost-effective alternative to an internal appointment with access to specialist expertise.

Comprehensive UK GDPR compliance for schools covering data audit and mapping, Records of Processing Activities (ROPA), privacy notices for parents, pupils and staff, lawful basis assessment for every processing activity, data sharing agreements with local authorities and third-party providers, cookie compliance for school websites, and data retention schedules aligned with the IRMS retention toolkit for schools.

Schools handle highly sensitive data — pupil records, SEN information, safeguarding logs, medical data, free school meals eligibility, behavioural records and staff HR files. A breach of this data has serious consequences. We help you establish breach detection and response procedures, assess breaches when they occur, prepare ICO notifications within the 72-hour window, notify affected individuals and implement remediation to prevent recurrence.

Schools receive increasing numbers of Subject Access Requests (SARs) from parents, former pupils and staff, plus Freedom of Information (FOI) requests from parents, media and the public. We manage the entire process — searching systems, applying exemptions (third-party data, safeguarding, legal privilege), redacting appropriately and ensuring you respond compliantly within the one-month statutory timescale. We also handle right to erasure, rectification and portability requests.

Schools have the same health and safety obligations as any employer — plus additional duties around pupil safety, playground supervision, educational visits, science lab safety, design and technology workshops, swimming pool compliance and PE equipment. We provide workplace risk assessments, fire risk assessments, legionella assessments, asbestos management reviews, manual handling assessments for caretakers and kitchen staff, and develop bespoke safety policies for your school.

Fire risk assessments for school buildings including classrooms, halls, kitchens, science labs, server rooms, storage areas and temporary buildings. We assess fire detection and alarm systems, emergency lighting, escape routes and assembly points, fire door integrity, fire extinguisher provision and evacuation procedures for pupils with SEND or mobility needs. Regular review visits ensure ongoing compliance with the Regulatory Reform (Fire Safety) Order 2005.

Schools face unique HR challenges — Burgundy Book and Green Book terms, teacher pay and conditions, performance management frameworks, absence management for teaching staff, safeguarding-related disciplinaries, TUPE for academisation, redundancy consultation for school restructures and managing relationships with unions including NEU, NASUWT and UNISON. We provide practical HR support tailored to the education sector's specific employment framework.