SIMS and GDPR

As we all attempt to navigate our way through the requirements of the new General Data Protection Regulations (GDPR), we thought it would be helpful to bring together information and resources on how SIMS can help to support schools achieve compliance.

We have information on products and services that are available to assist in managing the GDPR processes; on how SIMS.net is being updated to provide users with functionality and tools to help achieve compliance with the new regulations; plus a selection of helpful documents to better inform your GDPR self assessment.

If you require any further advice on any of the topics or resources below, please contact the MIS Team and we’ll be happy to help.

SIMS Solutions and Functionality

Capita have provided a number of ways you can improve or improve delivery of your responsibilities under GDPR.

Parent Lite App

Included FREE within your SIMS annual entitlement fee.

The SIMS Parent Lite app helps schools comply with the new GDPR data requirements by providing a simple way to collect, manage and handle information by obtaining accurate data securely from parents.

Find out more

Data Retention

There are lots of recommendations on how long a school should retain data on students, and now under GDPR… “Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes”.

This summer, to make sure schools can manage their data retention in line with a policy they have set, SIMS will introduce functionality to make this process easier and more efficient through the bulk deletion of selected data items plus the full deletion of the student record.

More info coming soon.

 

GDPR in Schools (GDPRiS)

GDPRiS is a cloud-based, data protection monitoring solution for schools.

It provides Data Protection Officers, schools and 3rd party data processors with an intuitive system to help simplify data protection processes and management and pro-actively prompt them to meet and exceed the new General Data Protection Regulations.

Find out more

Subject Access

A Subject Access Request (SAR) made by an individual can involve a lot of work for a school.  Data from many various sources need to be gathered, ranging from the paper filing cabinet to the core MIS.  Previously in SIMS a user would have needed to design and run many custom reports to form part of their SAR.

in response, SIMS has introduced the Person Data Output routine, designed specifically to reduce the number of separate reports required to fulfil a SAR.

Find out more…

 

SIMS Privacy Notices

Capita currently supply a range of software applications, commonly those that are delivered in or via the Cloud, that require Capita to process personal data on your behalf.  Where your school has contracted with Capita for such products or services, Capita are acting as a Data Processor under GDPR.  As such, you, as the Data Controller, should ensure you have a written contract in place with the required terms to ensure that

  • you are complying with the GDPR
  • you are protecting the personal data of pupils, staff and others
  • both parties are clear about their role in respect of the personal data that is being processed and there is evidence of this.

For schools seeking clarification on how personal data is processed via SIMS cloud solutions, we recommend that you review the SIMS privacy notice for the appropriate product.

Frequently Asked Questions

We recognise that our customers will have many questions regarding GDPR and their Capita products. To help you get the answers and the evidence you require, we have compiled Capita’s responses to a number of commonly asked questions into the following document.

SIMS and GDPR (FAQ’s)

If you are unable to find the answers to your questions in this FAQ, please just get in touch with the MIS Team on 0191 4338525 (option 1) and we’ll endeavour to get a response from Capita.

NEWS

GDPR Person Data Output from SIMS

The right to access is one of eight rules under the title of ‘Individual Rights’ and builds upon existing Data Protection Act legislation in the form of a Subject Access Request (SAR). When a school receives a SAR, there will be many separate reports in...

read more