The new General Data Protection Regulation (GDPR) came into force on 25th May 2018. The GDPR applies to organisations including schools that process personal or the new personal “sensitive” data.

Highfield Schools handle a large amount of personal data and have always sought compliance with the principles of the 'Data Protection Act 1998′ which the GPPR builds upon.  We aim to ensure all personal data is collected, stored and processed in accordance with the GDPR and DPA 2018 as set out in the Data Protection Bill.

Highfield Schools have the following measures to ensure compliance:

  • A registered Data Protection Officer
  • Embedded GDPR requirements into policies and day-to-day activities
  • Documented and recorded compliance measures
  • Regular training for GDPR compliance
  • Audited data protection measures with audit results used to implement compliance

GDPR Policies