Coronavirus: Precautions, preparations and prevention - click here for the latest information

ICO Audits: Summary Report

12 Jun 2020   |   Jonny Wathen   |   Wellspring Academy Trust

The Data Protection team have recently considered the contents of the ICO audits that have already been conducted on academic institutions. Overall the ICO has found limited compliance and often recommended areas for urgent improvement. Common themes that ran through the audits included issues with:


Record Keeping Training Data Sharing General Compliance
Ensuring that an adequate record of data processing has been maintained. Introducing KPI’s around record management, security, requests and governance. Implementing a quality assurance process for adhoc third party data sharing requests.


Ensuring consistent practice all all academies that are part of the group
Ensuring that it has been possible to identify and record  the legal basis for processing. The provision of annual refresher training for all staff on GDPR. Ensuring that Data Sharing Agreements are in place where required and that all of these are signed off by senior management in each organisation.


The introduction of robust compliance checks on processors to ensure the effectiveness of data handling and security controls

Introducing a formalised follow up process for non-attendees at mandatory data protection training. Logging the Data Sharing Agreements centrally with a review process in place.



View all Latest News View all Vacancies