In our previous blog, Data Protection Guidelines for Remote Working and Data Sharing, we published some simple steps to help you identify the risks and mitigating actions of remote working and data sharing. In this blog we share an essential Data Processor Assessment to assist you in the assessment and deployment of new software tools that you may be implementing to help overcome challenges during the COVID-19 pandemic.
For the majority of organisations, remote working is now a reality. With providers offering different solutions to cater to the needs of their customers, ranging from remote learning to collaborative staff workouts, the requirement to protect the personal data being processed and ensure it remains safe and secure is now more important than ever.
As a Data Controller, you are responsible for making sure personal data is processed in accordance with data protection laws. You are required to make sure that all data processors you are using provide sufficient guarantees and have the appropriate technical and organisational measures in place.
To help you determine if a solution has the appropriate measures in place, the first step is to complete a Data Processing Assessment, this will help you to identify any processing risks. You can then decide whether you are happy to accept those risks, make changes to reduce them or opt to use a different Data Processor.
To assist schools during this challenging time 9ine has developed a comprehensive Data Processing Assessment tool available to all schools, without obligation and free of charge.
Once you receive your data processor assessment you simply work through the processing questionnaire and contract clauses checklist. To further support your school we are providing 1-hour of free consultancy time. Our consultants will review your assessment(s) and support you in determining any risks and next steps. We look forward to discussing your assessments and supporting you in evidencing your decisions to use new platforms throughout your organisation.
ABOUT THE AUTHOR:
Judith Downing, Senior Data Protection Consultant, has almost 20 years of experience working in the field of data protection and has a BCS Practitioner Certificate in Data Protection and is also a certified GDPR practitioner. She currently advises schools in the UK, Europe and internationally on all aspects of data protection compliance either through our service desk or on-site audits.