Streamlining the consent process within education
Has your school appointed a data controller? Someone who is responsible for cybersecurity, the consent management system (CMS), and keeping sensitive details on staff, pupils and parents private? Are you still sending out permission packs on paper?
One way to streamline part of the data controller’s responsibilities is to choose a consent management system, designed for General Data Protection Regulation (GDPR) compliance to manage the full lifecycle of consent across the school.
The benefits of a digital consent system
There are many styles of consent required with questions tailored for activities across the school landscape. Will it be about photographs at sport’s day? School trips? Access to social media? Using mobile apps in French lessons? What about examination entry extra time details? Split family preferences? Medical information? Vaccinations? Allergies? Getting the newsletter? Allowing parents to come to parents’ evenings?
Consents are complex and unique. In schools, parents do want to be contacted, and it’s important to keep up to date on who the child’s primary contacts are and who is allowed to have contact, in particular. They don’t necessarily want their child photographed for online publicity, but they will agree to the annual team sport photograph.
Using a digital CMS allows parents and teachers more options over pupil data and allows for efficiency savings as no staff member needs to work off paper printouts. There’s also a huge time-saving element, as information retrieval is instant, and there’s no need to ask the school secretary for information.
Why schools need to use a CMS
If you think about it, paper is bound to lead to errors in data management. What if something is lost, left on a train, picked up by mistake? The GDPR imposes stiff penalties for data breaches, and no school wishes to fall foul of it.
The GDPR requires the who, when and how consent is given to be continually updated, along with the types of consent. With a digital system, consent can be integrated into every existing school system, auto-updating, taking the headache out of running paper checks and manually updating databases. It should work across many different software systems, allowing schools to use e-scanning to update from paper or emailed forms and manage consents preferences in a single system, saving money for schools.
Today’s headteachers find themselves surrounded by technology. Whether it be how people teach using apps, use databases to contact stakeholders and suppliers, or control the finances, there’s a lot of users and a lot of information which needs to be stored with compliance under the new General Data Protection Regulation (GDPR). Why not use technology for managing all these permissions?
How does a consent management system work?
A top CMS ensures all agreements between the school and third parties remain crystal clear. Depending whether it’s parents, pupils, staff, governors, school suppliers or otherwise, you send out specifically granular consent forms allows respondents to give their consent preferences. Rather than having a simple yes or no answer for consenting to the general use of photos (which is often a ‘no’) one benefit is increased partial opt-in rates if parents/pupils can consent in more detail about 'how' their images could be used. Similarly, storing email addresses or financial information, holding sensitive information on disability, or the justice system, or foster carers, can be similarly ‘granular’.
A CMS should enable a school to manage consents on a daily basis by offering an immediate response to parents/pupils wanting to edit/withdraw consent. The schools’ administration and data controller can confidently say they’ve adhered to the GDPR legislation. Thus, ensuring everyone who wants contact with their school has it, and those that need information ring-fenced or protected in any way have the confidence in the schools’ consent management system to protect them. The cost of updating data, in terms of people and time, is dramatically reduced through the use of a central hub which captures and manages consents in real time.
To build trust and operate transparently under the GDPR contact ConsentEye for all of your consent management system needs in your school. Getting started is as simple as uploading all data subjects’ details into a .csv file including basic information, name and email address and asking for specific permissions. We’d be happy to discuss any inquires and questions you might need answered about how to ensure GDPR compliance and how we can help.