School is forced to apologise after data breach
In today's papers there is a story about an unfortunate primary school in the Wirral - school is forced to apologise after shaming pupil's mother by sending an email demanding four hundred and forty five pounds from her to ALL parents -that sent an email to a parent, chasing outstanding childcare fees that was accidentally sent to every single parent in te school!
Mistakes can happen, but one would hope that the school is now following their policy for a data breach that ensures that they (a) report the breach to the ICO within 72 hours and (b) work out how the incident happened and how they can prevent it from reoccurring. These are requirements under the EU data protection regulations that came into force in May 2018 (GDPR), which on first inspection of the school website looks like they have put in place.
We obviously don't know te details of what has happened and don't wish to gloat over some else's mistake, but the purpose of GDPR was to ensure control measures are put in place to reduce the risk of an incident and raise awareness amongst people handling personal data.
That's why Ayrmer Software take data protection and cyber security extremely serious and have invested time and resources into completing Cyber Essentials Plus and IASME, which are both recognised by the ICO and a realistic alternative to ISO27001.
The Childcare on-line Booking (CoB) System has security and data protection built in (security by design) and is the only booking system available on the marke for wrap around childcare providers and after school clubs to provide this reassurance.