Ofsted and the EYFS require all early years providers to have policies and procedures in place to safeguard their children.
Alliance publication Essential Policies & Procedures for the EYFS is FREE for members only and provides templates policies and procedures suitable for nurseries covering all aspects of the EYFS, including safeguarding and child protection.
When time comes to prepare the policies and procedures for your setting, you should consider:
Safeguarding policies and procedures should typically include arrangements for e.g:
(Note: this list is not exhaustive)
Organisations need to be transparent and share their policy statement.
This should include a statement of value and intent. It should capture why this policy is in place, what the organisation aiming to achieve, and make reference to the legislation which underpins the policy. It should also clearly indicate who the policy applies to. The policy statement should be supported by procedures, which explain how this will be achieved and clarify who should do what. It should link to other relevant policies and procedures where relevant
Organisations also need to consider how they will ensure that everyone is trained in the policies and procedures, understands them and are able to implement them
It is expected that early years practitioners receive adequate training in child protection matters and are aware of the signs and signals of abuse in children.
Early years providers are required to have a designated person in every setting who has the lead responsibility for safeguarding, and should discuss learning needs and organisational policies during staff inductions and during regular supervisions.
On May 25 2018 an EU law called the General Data Protection Regulation (GDPR) came into effect, and this has since been enshrined unto UK law as the UK GDPR, which came into effect in January 2021.
It replaced the Data Protection Act 1998 and it gives individuals greater control over their own personal data.
All data collected must be:
1. processed fairly, lawfully and in a transparent manner in relation to the data subject
2. collected for specified, explicit and legitimate purposes and not further processed for unrelated or incompatible other purposes
3. adequate, relevant and limited to what is necessary in relation to the purposes for which data is processed
4. accurate and up to date
5. kept in a form that permits identification of data subjects for no longer than is necessary for the purpose for which the data was collected
6. processed in a way that ensures appropriate security of the personal data including protection against unauthorised processing, accidental loss, destruction or damage using appropriate technical and organisational measures.
Early years providers must review their procedures to be compliant with GDPR and will need to consider, for example, how to implement and share privacy notices, retention and transferring information, how to respond to data breaches and how to train staff in the new requirements.
Policies and Procedures for the EYFS 2024 has online updates with GDPR-related changes.
Individuals must be informed about how their data is being collected and how it will be used — this is best done in the form of a privacy notice which can be given to parents at pick-up and drop-off times. New parents should be given a privacy notice when they register.
Employers must also be mindful of personal data they collect relating to staff whom will also need to be given privacy notices.
Alliance members can call Law-Call for guidance.