During the past three years, I have had the opportunity to implement GDPR in over 20 international schools in almost 20 countries. About 2/3 of those countries have been within the EU and the rest have been non-EU. All have been successful in starting down the path of data privacy.
The "GDPR Goes to School" Method™ is the result and my thanks go out to all of the wonderful people who have given such valuable guidance and feedback. They have enabled me to develop a deep respect for cultural differences and how that impacts data privacy. The "GDPR Goes to School" Method™ works everywhere!
GDPR found me instead of the other way around. In November of 2017, I received a call asking if I could come to Croatia to help a group of international schools get ready for a new regulation, the General Data Protection Regulation (GDPR) aimed at protecting data privacy.
I thought this was another in a long line of typical "compliance" projects I had done throughout my career as a CPA and program manager, but I was wrong. It turns out that GDPR is much more than compliance and is an idea whose time has come.
Data privacy, in the age of the internet, affects everything.
Working on data privacy is very meaningful and provides great value to everyone. I am eager to share my knowledge, expertise and "how to" with you. The purpose of this website is to introduce you to GDPR, or data privacy, and help you implement a program at your school.
Our focus is on schools and K-12 education so all the information, guidance and templates are customized for schools. Training and examples are focused on school-specific needs.
Let's get started!
Sylvia Gillpatrick, CPA, MBA and DPO (Data Protection Officer)
SYLVIA GILLPATRICK, DPO
DATA PRIVACY AND GDPR CONSULTANT
I earned an undergraduate degree, BS in Psychology, from the University of California (UCLA) and an MBA, majoring in Business and Accounting, from the University of Oregon (U of O). After receiving my graduate degree, I worked for Deloitte, an international accounting firm, and became a Certified Public Accountant (CPA). I held both Series 7 and 6 certifications while working in financial services and earned a Professional Management Professional (PMP) certification, the foundation of my consulting career.
The most recent addition to my credentials is becoming a certified Data Protection Officer (DPO). This certification indicates a professional level of understanding of GDPR and data privacy in general. GDPR articulates a specific role and work requirements for a Data Protection Officer.
My background in K-12 education is extensive, spanning 20 years, and completing state wide, large scale technology projects, projects at the district and school level plus many other projects for government and non-profit organizations. Accomplishments include implementing numerous accounting systems, large scales assessments and school improvement programs.
This background has enabled me to create a school-specific ,GDPR implementation program that can be implemented -- without experts -- by typical school personnel, within 3-6 months. Great deal all around!
What's Coming Next
I have collaborated with other groups of international schools, including the law department at Maastricht University, offering a customized Data Protection Officer (DPO) certification. I am also the co-host and organizer of an annual conference, Privacy by Design. The goal of this conference is to "design privacy into" our thinking and development of programs. Our goal is to reach a point where respect for data privacy is embedded in our lives and sustainable, throughout the world.