With the Information Commissioner’s Office (ICO) recently reporting a 40% growth in data security incidents in the education sector1, it comes as no surprise that regulation is also increasing. The topic of compliance is rising up the agenda for senior leadership and operational management professionals, and top of the agenda should be the new General Data Protection Regulation (GDPR) – due to come into force on 25th May 2018.
The GDPR contains requirements pertinent to the education sector, outlining how organisations should process and safeguard Personally Identifiable Information (PII). This includes ensuring data breaches are reported to relevant authorities within 72 hours and policies to secure data portability. The new regulation is expected to not only simplify the complex regulatory environment, but to ensure adequate protection of student, staff and stakeholder data.