Miscellaneous

Bennington College GDPR Policy

Blackbaud K12 Tip Sheets

Issue link: https://k12hub.blackbaud.com/i/1089923

Contents of this Issue

Navigation

Page 0 of 1

Bennington College Compliance Policy with the EU General Data Protection Regulation (GDPR) Overview As of May 1, 2018, the EU GDPR requires entities to comply with a suite of data privacy and security standards to remain eligible to receive funds from EU-financed organizations. This document outlines Bennington College's proactive compliance response for the GDPR. The British Government has summarized the GDPR statute into several key areas; we use this summary as an organizational structure to articulate our response. Data Protection Principles In compliance with the GDPR requirements that data be collected, processed and maintained in compliance with articulated standards, Bennington College has a policy of collecting only data germane to the support of current stakeholders, and in service of maintaining the required operations of the College. Incidental data are not collected beyond those that are explicitly and implicitly collected in the service of College operations and functions. Accountability and Governance Per GDPR requirements, the Director of Technology and the Dean of Research, Planning and Assessment serve as the data managers for the College and are accountable for ensuring compliant operations for collecting and using data throughout the College. The Sr. Systems and Security Engineer serves as Bennington's data security compliance officer; they are responsible for data protection impact assessments (DPIAs), which are designed and executed as part of a global data security strategy. Data Protection by Design and by Default Bennington College has implemented a suite of software implementation rubrics that are used in evaluation of all third-party vendors handling private data from stakeholders. These rubrics include an evaluation of, among other requirements, GDPR data security and protection compliance.

Articles in this issue

Links on this page

Archives of this issue

view archives of Miscellaneous - Bennington College GDPR Policy