Privacy law creates enormous administration
Including a few nice photos in the newsletter is no longer self-evident. Since privacy legislation came into effect, schools have been busy protecting personal data.
image: Pixabay
Sharing nice snapshots of students has not been easy since 25 May. Schools, just like companies, must take measures to comply with the requirements of the GDPR, the General Data Protection Regulation.
Why? A photo belongs to the category of special personal data, because the race of the person photographed or his religion or health can be visible on a photo. That is why there must be explicit permission to post photos from parents or from students themselves, if they are sixteen years or older. That schools have to ask that is not new, but they now have to explain what the purpose of the photos is and where the photos are shared and they need written permission to do so. This must be requested every year and can be easily withdrawn. It results in a huge administration.
Nelis van Binsbergen, director of the Meeuwenberg in Driel, applauds the fact that parents and students have more to say about their personal data: “It just takes more work and that is of course not nice. But now we can make very clear agreements with parents. ”
It remains angling to get all those letters back
Van Binsbergen: “We ask permission from all parents via paper. It is still fishing to get all those letters back, but I don't know any faster or easier way. We've made a few general calls. It is also on the parents' own responsibility: if they do not return anything, I will take my hands off it. ”
Awareness
Janneke Koopmans, board secretary School Group Leonardo da Vinci in Leiden: “We have to be alert and aware of personal data. With some apps that are used in the classroom, personal data is requested, which is now no longer possible. And during outings we now take atmospheric photos where students can be seen from the back, to prevent problems. ”
Several regional newspapers did not have a graduate supplement last year. Secondary schools are faced with a dilemma: whether or not to pass on the graduates. Koopmans: “This year we have chosen not to publish the names of graduates in the newspaper in connection with the AVG. It is now a sensitive issue and if you do it, you have to do it right, namely with the consent of those involved. This was difficult to organize in a short time. In addition, we do not think it is correct that it may seem that students who have not given permission have not passed. ”
Many regional newspapers did not publish a graduate supplement this year
The new policy has yet to be written at the Vlietland College in Leiden. Two employees followed a two-day course where tools were provided to establish the new privacy policy. “It is mainly about raising awareness and thinking about what is personal data and with whom do you share it,” says an employee who participated in the course.
The mandatory officer
This awareness is also stimulated by the data protection officer, says Van Binsbergen. Schools are obliged to appoint such an officer. The Meeuwenberg also has one. “He has informed all fourteen schools about the scope of the GDPR, made step-by-step plans for the introduction of the new rules at each school and he is also tasked with helping us with future bottlenecks.”
