GDPR stops us giving vaccination details, say principals
Schools cannot share certain information with the HSE about vaccination rates among students because of GDPR even if it will help to pinpoint where uptake is low.
There is also growing confusion about what data a school can give out when asked for a reference by past pupils, according to the National Association of Principals and Deputy Principals
Under the new data protection regulations, schools cannot share certain personal information it holds on students, like their addresses, even if it is requested by a government agency, such as the health service.
“We cannot share certain information with the HSE or with Tusla, as it would not be compliant,” said Paul Byrne, the deputy director of the association.
“Even though we all want to see the vaccinations being done, we are precluded from sharing data [requested by the HSE].
The Department of Education also may require a certain amount of information from schools on where the kids are coming from, like their socio-economic backgrounds or if they are members of ethnic minorities but we can’t ask those questions anymore. In the past, they were on our enrolment forms.
Schools are also unsure what data they can give out when they are asked to provide a reference for past students, he said.
“You can say ‘the student attended school from this date to this date’ and that’s about the extent of it. Part of it is because GDPR is really still a new phenomenon and there is a fear factor, so schools are now afraid to share any information,” he said.
There is also an absolute insistence to shut down all computers at 4pm if a teacher is not in the room so that no data on a student can be viewed, even classroom roles.
“Anywhere where [you] would have data stored in schools, we now have installed digital encoded locks. There is a heightened awareness of the data that schools hold,” Mr Byrne said.
He said making sure schools are GDPR compliant has added to the constantly increasing workload of principals and deputy principals.
“If a school gets a data request, it is a huge burden for principals to comply with depending on the amount of data that is there within the school. If you receive a data request and there are other people’s names on it, you have to redact those names.”
If CCTV footage is requested from a school, all faces not relating to the person who made the request must be pixelated.
“Pixelation in the past could cost you up to €500 for a small bit of footage and if that’s requested you have to give it.”
Today Eilis Noonan from the Data Protection Commission is due to brief 600 principals and deputy principals at the second day of the annual conference of the National Association of Principals and Deputy Principals.
The first day in Kilkenny heard that the recruitment and retention of school leaders is the next crisis the education system faces.
“There are too few applicants for the position of principal, and we cannot ignore this. We need to take serious notice of the impact of an ever-expanding workload on the welfare of our school leaders,” said association president Kieran Golden.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
