People will have seen the £500,000 fine imposed on Facebook and be wondering why it is so low, given that an organisation can be fined up to 20 million euros or 4% of its global turnover under GDPR. The answer is simple: it is because it occurred and was dealt with under the old regulations, so this was the maximum fine that could be imposed.
I am working with around 80 schools and have already been notified of over 30 data breaches although, fortunately, all but one have been likely to cause unwanted consequences to the data subjects involved and have therefore not needed reporting to the ICO.
I don't believe that there are suddenly more breaches happening; it is simply that staff now recognise what a breach is and let senior managers know, so that the issue can be investigated and any necessary action taken.
That can only be a good thing and is helping to safeguard children in our schools!