Whilst it’s true that the GDPR has brought more focus and rigour to the discipline of information security, education organisations have more of a mountain to climb than most because they are Data Controllers with sensitive personal data, potentially regarding minors. The proliferation of complex, interdependent technology systems only exacerbates the challenge. Service Education can deliver solutions to the challenge of GDPR audits, shared Data Protection Officers and the development of strategies to place information security and personal safety at the heart of your organisation.