{% set baseFontFamily = "" %} /* Add the font family you wish to use. You may need to import it above. */

{% set headerFontFamily = "" %} /* This affects only headers on the site. Add the font family you wish to use. You may need to import it above. */

{% set textColor = "#565656" %} /* This sets the universal color of dark text on the site */

{% set pageCenter = "1100px" %} /* This sets the width of the website */

{% set headerType = "fixed" %} /* To make this a fixed header, change the value to "fixed" - otherwise, set it to "static" */

{% set lightGreyColor = "#f7f7f7" %} /* This affects all grey background sections */

{% set baseFontWeight = "" %} /* More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set headerFontWeight = "" %} /* For Headers; More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set buttonRadius = '40px' %} /* "0" for square edges, "10px" for rounded edges, "40px" for pill shape; This will change all buttons */

After you have updated your stylesheet, make sure you turn this module off

Education second for GDPR breaches

by Henry Kilshaw on July 23, 2018

We’re coming up to two months of the GDPR being in force across the European Union and the impact it is having is already visible with the number of reported data breaches across the UK increasing substantially.

Throughout 2017, there were 3,325 breaches reported to the ICO. In the two months since May 25, this has increased by an amazing 600% with over 1700 breaches being reported this month alone.

Education is already a big culprit

In 2017, around ten percent of reported data breaches came from the education sector putting it third overall. Since the 25th of May, education has moved into second place (behind the healthcare industry). If this reporting trend continues, then the sector could potentially be averaging 12 breaches a day up and down the country – a substantial amount.

breaches reported to ICO

The most common data breach in education? Simple. It was people sending personal information to the wrong email address. A basic error, but one that most of us have made (albeit, not necessarily with personal data). The second highest breach reason was lost or stolen paperwork, while third was loss of unencrypted devices and fourth was posting or faxing personal information to the wrong recipients.

Examples of recent breaches

Fortunately, none of these were in education. But it gives you a good idea of different types of breaches… and the potential fines attached.

  • Gloucestershire Police were fined £80,000 after sending a bulk email that identified victims of non-recent child abuse.
  • The Independent Inquiry into Child Sexual Abuse (IICSA) were fined £200,000 after sending a bulk email that should have been ‘bcc’ to 90 recipients about a public hearing. This allowed all recipients to see each other’s information, identifying them as victims of child sexual abuse!
  • West Sussex County Council sent bulk emails to residents who commented on plans to build an incinerator in Horsham but did not ‘bcc’ the email addresses so again, all could see each other’s email addresses etc. It was believed to have been sent to in excess of 1,000 recipients.
  • Portsmouth City Council could face hefty fines after it was discovered that for the past two years contractors have not been obliged to erase data when removing old computer drives.

For schools still working through the GDPR process, we strongly encourage you to check out our
Ongoing Guide to GDPR Compliance for schools and trusts. After training over 8000 school leaders in data protection earlier this year, we also have some very exciting plans in the works for further GDPR training and ongoing compliance for schools… Watch this space!