The General Data Protection Regulation is coming!
Look at our GDPR guideline documents which are available on the Policies and Documents page and below. On the advice of the ICO, create three documents to show compliance:
- A Data Protection Policy which shows your awareness of this new EU law which will remain after Brexit.
- A Privacy Notice which you have to give to the parent/child as the ‘data subject’ and tells them about their rights.
- An Information Audit combined with a Record of Processing Activity which gives an overview of all the information you hold and how you ‘process’ it.
We have indicated retention periods for different types of records on the Privacy Notice and Information Audit/RoPA, but they may need to be corrected as we get more information.
If you read the attached Data Protection Policy first, it should give you an idea of what you need to do to be GDPR compliant. You need to be prepared by 25th May. Here is a short explanation about what GDPR is https://www.pre-school.org.uk/preparing-your-early-years-setting-gdpr but you can read about GDPR on the ICO website and you can use their helpline ICO Helpline 0303 123 1113. The insurance companies have produced GDPR toolkits for childminders too.