Language:
A A A
Back to Home
Everything
Search
Institute for Education
  • About Us
  • Human Resources
  • Contact Us
  • Learning with the IfE
  • Equality, Diversity and Inclusion
  • Quality Assurance
    • Forms
    • Policies and Procedures
  • Annual Reports
  • Frequently Asked Questions
  • GDPR
    • GDPR Regulation
    • What Changed
    • GDPR Principles
    • Consent
  • Press Releases
Courses
  • Prospectus 2022 – 2023
  • Tuition Fees
  • Programmes FAQs
  • Student Affairs
  • Graduation Ceremony Information
  • Current Open Applications
  • Course timelines 2022-23
  • Qualifications
    • Bachelor of Education
    • Master of Education
    • Postgraduate Certificate​ in Education (Conversions)
    • Postgraduate Certificate​ in Education - Digital Competences
    • Master in Applied Educational Leadership
    • Master of Science in STEM Education and Engagement
    • Bachelor of Arts (Honours) Early Years, Learning and Care (Top-Up)
    • Postgraduate Certificate​ in Assessment for Learning Teaching Strategies
  • Short Programmes
  • Stand-alone Modules
  • Professional Development for Educators​
  • Parental/Guardian Sessions​
  • Educators Sessions​
  • Modules Offered by Partner Institutions​
  • Online Learning Expectations
Resources
  • Micro-Placements in the Industry
  • Dissertations
  • Teaching Practice
  • Malta Journal of Education
Circulars
  • Circulars 2023
  • Circulars 2022
  • Circulars 2021
  • Circulars 2020
  • Circulars 2019
  • Circulars 2018
  • Circulars 2017
  • Circulars 2016
EU Projects
  • Erasmus + Projects
  • Horizon 2020
  • IfE and EUPA
Research
  • Research Road Map
  • 1st Annual Symposium 2020
  • 2nd Annual Symposium 2021
  • Education Research Week 2022
  • 3rd Annual Symposium 2022
  • Colleges Symposium 2022
  • Education Research Week 2023
IfE Portal
  • Institute for Education
    • About Us
    • Human Resources
    • Contact Us
    • Learning with the IfE
    • Equality, Diversity and Inclusion
    • Quality Assurance
      • Forms
      • Policies and Procedures
    • Annual Reports
    • Frequently Asked Questions
    • GDPR
      • GDPR Regulation
      • What Changed
      • GDPR Principles
      • Consent
    • Press Releases
  • Courses
    • Prospectus 2022 – 2023
    • Tuition Fees
    • Programmes FAQs
    • Student Affairs
    • Graduation Ceremony Information
    • Current Open Applications
    • Course timelines 2022-23
    • Qualifications
      • Bachelor of Education
      • Master of Education
      • Postgraduate Certificate​ in Education (Conversions)
      • Postgraduate Certificate​ in Education - Digital Competences
      • Master in Applied Educational Leadership
      • Master of Science in STEM Education and Engagement
      • Bachelor of Arts (Honours) Early Years, Learning and Care (Top-Up)
      • Postgraduate Certificate​ in Assessment for Learning Teaching Strategies
    • Short Programmes
    • Stand-alone Modules
    • Professional Development for Educators​
    • Parental/Guardian Sessions​
    • Educators Sessions​
    • Modules Offered by Partner Institutions​
    • Online Learning Expectations
  • Resources
    • Micro-Placements in the Industry
    • Dissertations
    • Teaching Practice
    • Malta Journal of Education
  • Circulars
    • Circulars 2023
    • Circulars 2022
    • Circulars 2021
    • Circulars 2020
    • Circulars 2019
    • Circulars 2018
    • Circulars 2017
    • Circulars 2016
  • EU Projects
    • Erasmus + Projects
    • Horizon 2020
    • IfE and EUPA
  • Research
    • Research Road Map
    • 1st Annual Symposium 2020
    • 2nd Annual Symposium 2021
    • Education Research Week 2022
    • 3rd Annual Symposium 2022
    • Colleges Symposium 2022
    • Education Research Week 2023
  • IfE Portal
    • A A A
      Sign In
    Print Page


    What Changed


    Why

    The GDPR has been introduced to:

            1. better reflect the data protection challenges arising in the digital age
            2. modernise data protection arrangements to make organisations more accountable
            3. give individuals greater control over their own personal data
            4. address globalisation and harmonise data protection practice across Europe


    What’s new

    The GDPR is similar to the Data Protection Act (Cap 440) and introduces many changes to data protection practices. These require the Institute for Education to review and revise all approaches to data handling. Key changes include: 

            1. tougher financial penalties - fines of up to €20 million
            2. strong rules around record keeping and new financial penalties for not being able to evidence accountability for our processes – fines of up to €10 million
            3. a more stringent data breach notification process only 72 hours from detection to notify a data breach to the ICO
            4. a broader definition of personal data
            5. a new approach to consent, freely given positive opt-in and easy to withdraw
            6. new and expanded rights including a right to erasure and data portability
            7. a reduced timeframe for handling Subject Access Requests - from 40 days down to 1 month, and the DPA £10 fee is no longer applicable
            8. mandatory privacy impact assessments for new services/projects where risks are high
            9. more restrictive rules around the use of child data
            10. revised processes for international data transfers
            11. a requirement for large organisations to appoint a Data Protection Officer.


    Scope

    Personal data

    Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular in reference to an identifier such as name, an identification number location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 


    Special categories of personal data 

    This used to be called “sensitive personal data” under Data Protection Act (Cap 440), and now includes:

            1. racial or ethnic origin
            2. political opinions
            3. religious or philosophical beliefs
            4. trade union membership
            5. health
            6. the processing of genetic data, biometric data for the purpose of uniquely identifying a person
            7. sex life or sexual orientation
    ​

    Criminal convictions or alleged offenses ​​

    In a shift from the previous Data Protection Act, this is not classed as “sensitive personal data’, but is covered in the GDPR Article 10 and is treated by the Institute for Education as high-risk personal information.​


    © Government of Ma​lta 2016​
    • ​​Accessibility Statement​
    • Contact Us​
    • FAQs​​
    ​​​​​​

    ​​​​​​​​​​
    The Institute for Education is a Further and Higher Education Institution with Licence number 2016-006​​​​
    ​​