Marino Case Study Using PrivacyEngine
Marino Institute of Education (MIE) is a teaching, learning and research community with nearly 1000 students and 150 staff, primarily focused on initial teacher education. It operates under the trusteeship of Trinity College Dublin, the University of Dublin and its programmes, including its Bachelor in Education (B.Ed.), provide for teacher education, and training of specialist education practitioners at early years, primary and further education levels.
Like all organisations and businesses across Europe, and the UK, Marino Institute of Education was impacted by the stringent data protection requirements of the GDPR when it came into force in May 2018. Fortunately, MIE was well aware of its data protection responsibilities long before GDPR kicked in.
“We were conscious that we deal with sensitive information on a daily basis, and that it has to be managed appropriately and with respect,” says Eileen Jackson, Data Protection Officer (DPO) at MIE.
Eileen was a teacher and school principal for over 30 years before moving into governance, regulation and data protection. Her longstanding background in education means she understands the complexities and sensitivities of the personal data an education institution, like MIE, deals with every day. As such, when she took on the DPO role in December 2019, she was keen to seek practical, expert advice on effective GDPR implementation and programme management from the start.
Eileen mentions PrivacyEngine’s embedded training content and learning management system as a key benefit. The learning management system means MIE can access training content online, upload bespoke training modules, set training goals, and track progress, as it executes its staff and student Data Protection and GDPR Awareness and Training Programme. MIE has provided many of its students with access to data protection awareness training via PrivacyEngine. Eileen says wider awareness and training serves to protect the college, and reduce the risk of it suffering from a damaging data protection incident. She also sees the training delivering a positive ‘network effect’ as students become teachers in primary schools around the country, bringing the data protection message out to the wider community.
Evidence of Compliance
One of the key pieces of advice every teacher passes on to students – when answering an exam question or solving a problem – is to ‘show your work’. This is another key benefit MIE derives from using the PrivacyEngine platform to manage data protection and GDPR compliance. PrivacyEngine, by tracking data processing activity, managing documents and policies, and identifying risks and mitigation activity, is the single, secure repository of the effort MIE puts into delivering its comprehensive data protection programme. Should MIE be audited by data protection
regulators, for any reason, it will definitely be able to ‘show its work’.
“The PrivacyEngine platform provides a practical solution for planning, and day-to-day operation of MIE’s data protection programme, with features such as GDPR logs, the Risk Register, as well as data protection and technical support, and an excellent training feature that is used with both staff and students as part of our awareness and training programme.”
- Data Protection, and Educating the Educators at Marino Institute of Education