Data Protection Officer as a Service - DPOaaS

DPOaaS is now available to all customers that purchase the GDPR in Schools (GDPRiS) cloud platform.

DPO as a Service is a practical and cost-effective solution for schools, trusts and academies that don’t have the data protection expertise and knowledge to fulfil their Data Protection Officer (DPO) obligations under the General Data Protection Regulation (GDPR).


Did you know? Your DPO cannot be someone who influences the day to day handling of school data i.e. School Business Manager or Finance Manager. This is to ensure the prevention of any conflicts of interest.


Outsourcing the DPO role

The GDPR recognises the DPO as a key player in facilitating regulatory compliance, with their appointment mandatory for all public authorities.

Many schools, trusts and academies, particularly smaller ones, may find that the DPO responsibilities are a challenge to deliver, given the breadth of knowledge required on data processing and data security operations, and legal aspects of the GDPR.

The Regulation allows organisations to outsource the DPO role to an external provider. With a shortage of individuals trained to handle DPO responsibilities, by outsourcing these tasks and duties you will get access to expert advice and guidance that can help your organisation to address the compliance demands of the GDPR while staying focused on your core business activities.


Benefits of an external DPO

  • Practical and cost-effective solution to achieve GDPR compliance.
  • Access to independent DPO expertise not available internally.
  • No conflict of interest between the DPO and other business activities.
  • Application of best practice in achieving and maintaining compliance with the GDPR.
  • Cost effective compared to an internal appointment.
  • Access to GDPR training and compliance solutions.


DPO as a Service (DPOaaS)

  • An annual subscription service, your organisation will be assigned a dedicated DPO officer who will serve as an independent data protection expert to your organisation as set out in the GDPR.

Support to include;

  • Preparation/scrutiny of reports for Board Meetings as required.
  • Provision of advice on request to support with key decision making at Board/Trust Board level.
  • Advice and remote support with GDPR compliance.
  • Advice and support with the production of a risk register.
  • Production of Information Governance Development/Improvement Plan.
  • Advice on requests (SAR, FOI, release of education records etc).
  • Advice and guidance on Issue/Breach Management (up to 6 hrs per establishment per annum)*
  • Reporting of issues to and liaison with ICO.

* Additional support hours available at £60 p/h
* Onsite support available at £350 per day + travel

Pricing on Application



Have you been thinking about hiring a Data Protection Officer (DPO) within your School, Academy or Multi-academy Trust?

Click the button below to download our job description template for the DPO role.

Working in partnership...