Safeguarding trumps GDPR.
The General Data Protection Regulation (GDPR) came into force in May 2018. Yet, there is still some confusion within education about whether it takes priority over safeguarding – leaving some vulnerable young people at risk.
According to the Government, “Information sharing is essential for effective safeguarding and promoting the welfare of children and young people. It is a key factor identified in many serious case reviews (SCRs), where poor information sharing has resulted in missed opportunities to take action that keeps young people safe.”
But how do safeguarding and GDPR fit together? What should you do if both options contradict?
What is safeguarding?
Safeguarding involves creating a safe environment for all. A safeguarding system actively prevents harm, harassment, bullying, abuse and neglect. It is a fundamental aspect for education, to prevent pupils from being harmed inside and outside of school.
You can read more about safeguarding in this blog post.
What is GDPR?
General Data Protection Regulation (GDPR) is the toughest law on privacy and security in the world. It was introduced in May 2018.
GDPR is a mandatory rule with how organisations use personal data. Processing of data must have a defined purpose, and the organisation should be open and transparent about how data is used. Data must be legal and be respectful to the individuals’ rights.
You can read a full guide to GDPR here.
7 golden rules to sharing information
These are the seven golden rules of sharing information, according to the government’s report.
Rule 1: GDPR is not a barrier to justified information sharing, but provides a framework to ensure that personal information about living individuals is shared appropriately.
Rule 2: Be open and honest with individuals about why, what and how information will be shared – unless it is safe or inappropriate to do so.
Rule 3: Remember to seek advice from other practitioners if you have any doubt about sharing the information concerned (without disclosing identities if possible).
Rule 4: Information should be shared with consent and respect should be shown to those who do not wish for their data to be shared. However, under GDPR information can be shared without consent in incidents where safety may be at risk.
Rule 5: Always consider safety of the individuals and other people affected by sharing information.
Rule 6: Ensure the information being shared is necessary for the reason it is provided and only shared with the individuals that need to have it.
Rule 7: Remember to keep a record of sharing decisions, including to who and for what purpose.
Why safeguarding trumps GDPR
GDPR does not take priority over safeguarding – safeguarding trumps GDPR. If there is a concern about sharing information on a safeguarding matter, you don’t need the individual’s consent to share the information in most circumstances.
These circumstances are detailed in the Data Protection Act 2018, which was updated in the UK to meet the GDPR Directive. It states:
Fears about sharing information cannot be allowed to stand in the way of the need to promote welfare and protect the safety of children.
GDPR does not require you to delete safeguarding information from your records. You can read more here.
How EDLounge Limited can help with safeguarding
At EDLounge, safeguarding is treated as its highest priority. We have an up to date GDPR policy, however safeguarding will supersede this when there is a cause for concern.
A number of tools in our online virtual classroom are embedded for safeguarding – which includes off-site learners letting us know how they are on a daily, alert mechanisms and video/chat support.
For more information click here.
EDClass+ also features eyes-on learning as another safeguarding tool. Our software features 11,000+ lessons on a wide range of subject so that pupils can continue education when in or out of school.
For more information, click here.