ARTICLE
22 March 2020

Schools Warned Over Use Of Pupil Photos

WS
Wrigleys Solicitors

Contributor

Wrigleys Solicitors logo
Wrigleys is a specialist firm of solicitors that concentrates on:
  • Agriculture and rural property
  • Charities and the social economy
  • Education
  • Employment
  • Families
  • Injured
  • Pensions
  • Property
As one of the leading specialist practices outside London, we are recognised as experts in our specialist areas and give practical, common sense, and technically excellent advice to our clients with whom we form valued long-term relationships.
Explore Firm Details
The Information Commissioners Officer (ICO) has recently issued reprimands to two schools.
United Kingdom Privacy
Photo of Chris Billington
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

The Information Commissioners Officer (ICO) has recently issued reprimands to two schools.

The schools which sent a class photo, in one case, to the local paper and, in the other, home to parents included the images of pupils whose parents had previously refused consent for their children's images to be shared.

On its blog, the ICO has sought to stress the lesson to be learnt by schools:

  • Photos (including videos) taken for official school use, such as on its website, in a prospectus or to be sent out to newspaper, will be covered by data protection rules;
  • Ensure that the school has robust procedures for processing any personal data.  That includes:
    • knowing what personal data you hold, where and for what lawful purpose;
    • having appropriate data protection policies and procedures;
    • ensuring that staff are trained on and understand those policies and procedures.  Keep a training record and ensure staff are regularly reminded.  Many will be handling personal data daily, including special category data (e.g. health, ethnicity);
    • reporting any breach to the school's data protection officer, and as required to the ICO, as soon as possible.
  • This shouldn't been seen as any prohibition on taking photos, including by parents at a school event for personal use

Separately the ICO has recently announce two new key services which can help schools, and others, show accountability through the development of GDPR Codes of Conduct and Certification Schemes.  Directed toward sector wide and representative organisations, rather than any individual school or academy or multi-academy trust, the schemes can demonstrate compliance and provide reassurance to parents and others. At present there are no approved Codes or accredited certification bodies for issuing GDPR certificates. Further detail is available on the ICO website.

Our article last month, GDPR in schools – ensuring best practice, highlighted the ongoing ICO audit of schools and academies.  Audit reports, and their executive summaries, have flagged various issues which all schools can look to assist with improving their own compliance.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Chris Billington
Chris Billington
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More