b'DATA PROTECTION OFFICERUnder the UK GDPR, public sector organisations must appoint an independent Data Protection Officer (DPO). Tosupport schools the Data Protection Service is offered via de-delegated budgets to maintained Enfield schools tooffer provision of an independent DPO function to ensure your school meet its statutory duties ( UK GDPR Section4 Article 37-39)Scope of ServicesThe DPO service will inform and advise maintained Enfield schools and its employees about its obligations to complywiththeUKGDPR,andotherdataprotectionlaws.BelowaredetailsoftheareasofsupportthattheDataProtection Service will provide.Details1.Appointment of a qualified DPO in accordance with Article 37 of UK GDP2.Providing up to date school policy templates.3.Providing up to date Register Templates ROPA templateRetention scheduleBreach Log (maintained centrally by DP team for the school)4. Providing up-to-date documents Data breach reporting formData Protection Impact AssessmentData Sharing AgreementData Processing Agreement5.Providing general advice such as advice on privacy Notices, advice on consent forms6.AdvisingonDataProtectionImpactAssessments(DPIAs)DPIAscreening,advice,andoversightfornewsystems, tools and projects and higher-risk processing.7. Acting as first point of contact for the Information Commissioners Office (ICO)8.Advice on handling Subject Access Requests (SARs) and Freedom of Information requests.9.Assessment of reports on data breaches, advising on risk assessment and obligation to report to the ICO. 10. Advising on individual rights requests. 11.Raisingawarenessofdataprotectionissuesandprovidingtrainingandawarenesssessionsforstaffandgovernors.12. Maintaining a data protection portal for documentation.Click here to return to the contents page'