· What Data Protection Policies & Procedures are currently in place?
· Are you aware of what information (Data) you currently store in your service?
· Where is this Data stored?
· Are your IT/storage systems robust and secure?
· What personal Data do you collect (Child’s, Parents/guardians/employees)?
· Have you obtained consent?
· How is the Data collected, manually, electronically, phone or in person?
· For what purpose is the Data collected?
· Is the Data relevant and up to date?
· Who is responsible for collecting the Data?
· Who has access to the Data?
· Who do you share the Data with and why?
· Do you have signed consent to do so?
· How long do you store the Data for?
· Are you aware of Data Subjects rights?
· Have you sourced training for your staff?
· Is your staff aware of what constitutes a Data breach?
· Are review procedures in place to ensure all policies continue to be up to date?
Data breaches must be reported with 72 hours of discovery.