Like most areas of society, over the past six months the education sector has had to face challenges unlike any before.<\/p>\n
Students thrive when they have access to personalized learning. As schools have moved quickly to adapt to remote learning, using technology to create new experiences that meet students\u2019 needs has become more important than ever. At the heart of the new learning experience is a strong foundation of security, privacy and compliance, empowering both students and educators to work within a safe and secure environment, and open up new opportunities for innovation.<\/p>\n
The education sector has a large, complex landscape to navigate when it comes to security, compliance, and laws like General Data Protection Regulation (GDPR) <\/strong>which brings with it some unique challenges for hybrid teaching and learning. It can be difficult to know where to start. A typical school handles lots of personal data \u2013 much of it about minors \u2013\u00a0and it must therefore adhere to stricter regulations when handling personal information.<\/p>\n To help educational institutions manage this new reality, Microsoft has put together a set of guidelines aimed at assisting with GDPR compliance. They require institutions to update personal privacy policies, implement or strengthen data protection controls and breach notification procedures, deploy highly transparent policies, and further invest in IT and training.<\/p>\n The purpose of the new guidelines is to help educational institutions manage the threats that have arisen out of the disruption this year, while also helping them work toward compliance.<\/p>\n The guidelines expand on the concrete examples and to-do lists from the existing GDPR for Education Kickstart Guide<\/a> \u2013 and they need to be read in conjunction with that document. Both assets are aimed at IT staff with basic knowledge of how to manage Microsoft 365.<\/p>\n The new guidelines aren\u2019t meant to be read from top to bottom, either. Instead, each topic that\u2019s referenced in the GDPR for Education Kickstart Guide<\/a> has a corresponding section in the new document which includes examples and step-by-step assistance on how to do the actual configuration.<\/p>\n That way, readers get a good configuration baseline to build upon for meeting GDPR compliance.<\/p>\n GDPR applies to institutions that have a physical presence in the European Union, organisations that provide goods and services to EU citizens, or that collect and analyse data tied to EU residents. However, educational institutions anywhere in the world can use these documents as a valuable best practice guide, since GDPR are some of the strictest rules globally.<\/p>\nUsing the new guidelines<\/h2>\n
Four clear steps to compliance<\/h2>\n