GDPR and safer recruitment

Summer 2019

The Data Protection Act 2018 (DPA) sets out the data protection framework in the UK, alongside the General Data Protection Regulation (GDPR). Since the DPA came into force there has been some confusion about how the legislation affects the safer recruitment process in the education sector. 

Schools, academies and trusts should review their recruitment processes to ensure that special category (sensitive) data is requested at the appropriate time. 

Rather than ask for criminal conviction data on job application forms, this information should be sought at the shortlisting or interview stage of the process. The application form should be amended to remove questions about criminal convictions but should specify that if the applicant is shortlisted, their suitability to work with children will be explored and this will include disclosing convictions.

If an individual discloses a conviction, this should be discussed on a one-to-one basis with someone who has received safer recruitment training as set out in Part 3 of the Keeping Children Safe in Education guidance. If appointed, the conviction information provided by the individual should be checked against the Disclosure and Barring Service (DBS) certificate.
Shortlisted candidates should not be asked to provide evidence of their right to work in the UK or original qualifications certificates at interview. This information is only required when employment is offered; however, it is acceptable to request photo ID at the interview stage to verify the identity of the candidate. 

There is no change to reference requirements – a minimum of two references should be sought, preferably prior to interview, in accordance with the Keeping Children Safe in Education statutory guidance.

Related Pages

Guidance on remote learning

  • Teaching
  • Curriculum
  • Legislation
  • Remote learning

Team ASCL webinars

  • Leadership
  • Briefings