GDPR, data protection and Freedom of Information (FOI)
Herts for Learning services and support:
This toolkit is designed to help Data Protection Officers (DPOs) in educational settings to carry out their role and contains supporting guidance, advice and materials to help schools achieve GDPR compliance and drive the right data protection culture throughout the organisation. This toolkit will evolve in the light of feedback from users and best practice in educational settings and provide support and guidance for your staff throughout the period of your subscription. Visit the HfL website:
DPO support services
For details on the Herts for Learning additional DPO support services, which include the GDPR toolkit and telephone and email support visit:
The DfE have produced guidance for local authorities, school leaders, staff and governing bodies on cloud software services. It outlines how schools need to consider data security when moving services and sensitive information to the internet-based facilities of cloud computing (the cloud).
The DfE provides suggested privacy notices for schools and local authorities to issue to staff, parents and pupils about the collection of data. These can be found on the DfE website:
The HfL GDPR Toolkit also contains model privacy notices, including versions written in plain English. More information on the HfL GDPR toolkit can be found on the Herts for Learning website:
ICO advice to organisations regarding Data Protection and Freedom of Information
The Information Commissioner's Office advice on the responsibilities of organisations regarding Data Protection Act and Freedom of Information.
Freedom of Information and Environmental Information Regulations Act guidance for Hertfordshire schools (2020)
This brief document is designed to help schools understand their responsibilities under Freedom of Information Act 2000 (FOIA) and Environmental Information Regulations 2004 (EIR).
The ICO has guidance for schools on publication schemes and model documentation including definition for schools, guides and templates, in the Education section here:
The Information Record Management Society’s toolkits for schools and academies can be viewed here:
If you subscribe to the Herts for Learning GDPR Toolkit or Enhanced DPO Service then please call our Service Desk on 01438 544466 (Option 1 then Option 1).
Non-subscribers can contact the Schools Legal Helpline on 01992 556000.
Biometric technologies are those which automatically measure people’s physiological or behavioural characteristics. Examples include automatic fingerprint identification, iris and retina scanning, face recognition and hand geometry, and their use is becoming increasingly common in both public and private sectors.
Schools have over the last few years begun to use automated fingerprint identification systems (AFIS) for registration, library book borrowing and cashless catering.
For further advice and guidance please visit the DfE website: