User Menu

E-safety

Information security

It is critical that schools consider the safety of confidential and/or personal data held in electronic or paper formats that are used both on and off the school site.

Under the General Data Protection Regulation it will become critical that ALL staff and governors are aware of how to handle sensitive and/or personal information, and what their responsibilities are when storing, accessing and using data. Under this new legislation there is also a requirement to maintain documented evidence of your awareness and governance..

All schools must have a security policy and should review it regularly to ensure that it covers how personal information is stored, processed and protected.

Here are some tips for securing information:

Do

  • Treat personal data with care and remember that you have a duty of confidentiality towards the Data Subject (the individuals whose data you hold).
  • Ensure that loose papers, notebooks etc., whether they contain personal information or not, are not left on your desk in view of others; remember to lock papers away when they are not in use.
  • Keep cupboards, cabinets and computer equipment containing hard, paper copies, or electronic personal information secure. These should only be accessed by authorised personnel on a need to know basis.
  • Ensure that PCs, laptops or mobile devices are password protected, log off or lock PCs, laptops and mobile devices if you are leaving them unattended, even for a short time, and change passwords which protect personal data regularly - we recommend at least every 40 days.
  • Ensure that passers-by, especially pupils or visitors to school, cannot read information on your computer screen.
  • Double-check postal or email addresses and fax numbers before you send personal information.
  • Only use official school email accounts for conducting school business.
  • Ensure that software and operating systems are kept up to date by installing patches promptly.
  • Protect PCs with up to date anti-virus software.
  • Encrypt back-up media and keep them in a secure storage area.
  • Ensure that you can recognise when there has been a data breach, and have a clear action plan in place to detail how you will respond.
  • Whenever personal information is requested under the DPA or other legislation, check that your response will not disclose inappropriate data about other individuals before releasing such information.
  • Only Share personal information with the organisations listed in your data protection notification (ICO notification) and on your privacy notices.

Never

  • Tell anyone else your password. Don't let anyone watch as you enter it.
  • Share IT accounts with other users - have one account for each individual.
  • Store personal data on removable media (e.g. USB sticks, CD ROMs), unless they are encrypted.
  • Send personal information by email unless it is encrypted. Emails are not secure.
  • Remove personal data (electronic or hard copy) from school premises unless authorised by the headteacher.
  • Install unauthorised or free software - it may contain a virus or other security threat.

If in doubt, seek further advice

Search Schools ICT

Latest Events

Tue Sep 12 @ 9:30AM - 12:30PM
Getting Started with SIMS for New Users
Fri Sep 15 @10:00AM - 01:00PM
Getting Started with SIMS for New Users
Tue Sep 19 @ 9:30AM - 03:30PM
Parent Pay for New Users (Primary Only)
Tue Sep 26 @ 9:30AM - 12:30PM
SIMS Census
Fri Sep 29 @10:00AM - 01:00PM
SIMS Census
Thu Oct 12 @ 9:30AM - 12:30PM
SIMS Cover

Contact Us

Address :

SICT (Schools ICT)
North Yorkshire County Council
Technology and Change
County Hall
Northallerton
North Yorkshire

DL7 8SB

 
Telephone :

01609 536 086

E-Mail : Click here to E-Mail Us