Schools and colleges are facing an F grade in their GDPR exams with more than half (52%) of all educational institutions admitting they are not fully compliant with the new regulation almost a year after it came into force.
That is the worrying conclusion of a report from RM Education and Trend Micro, which also reveals the vast majority (79%) of schools fear that fines for GDPR breaches would have a significant impact on their institutions.
The study, carried out among 156 schools and college across the UK, includes a mix of sizes, phases and urban and rural locations.
Nearly two-fifths (39%) of institutions cited a lack of financial investment as the biggest challenge to complying with GDPR, while 46% highlighted security awareness.
Three-quarters (75%) said accidental loss by staff was the biggest threat to data, while just under a fifth (19%) said cybercriminals.
Trend Micro principal security strategist Bharat Mistry said: “Things as simple as leaving a memory stick lying around, not changing your password regularly, or not updating to the latest software could have a seriously big impact.
“Having a strategy in place to ensure all data is protected, and able to be deleted should a pupil or parent request it, is also key.”
A Department for Education spokesman said: “Schools are expected to appoint a data protection officer and have a range of policies and processes in place to enable them to be compliant with GDPR and the Data Protection Act 2018.”
To leave a comment please register – it takes less than a minute and is free of charge. You will also get our weekly email update The DM Report (to opt out contact firstname.lastname@example.org). If you are an existing user, please log in. If you have forgotten your log-in details please email email@example.com to get them reset!