For further information contact:

If you have any DPA or FOI queries please contact the School IT Systems Support Service Desk - 01438 844777 or SITSS.mis@ lea.herts.sch.uk

Do not delete cell

Useful weblinks:

School Workforce Census Information Commissioner's Office advice on CCTV

Do not delete cell

Contacts

If you have any DPA or FOI queries please contact the School IT Systems Support Service Desk - 01438 844777 or SITSS.mis@lea.herts.sch.uk

• top

Data Protection Guidance

Data Protection Checking Sheet - Suggested amendments to the Pupil Data Checking Sheet

• Word97, 25.5kb/1 page, 15/10/03,
  datachecksheet.doc

• Useful information from Becta for school leadership teams on the impact of the
  Data Protection Act
• The Information Commissioners Office is the UK's independent public body set up to promote access to official information and to protect personal information

• top

Data Security

Security of Confidential / Personal Data - Electronic and Paper

It is critical that schools consider the safety of confidential / personal data removed from a school site (electronic and paper).  School IT Systems Support are preparing a set of guidance documents for schools to use to encrypt confidential / personal data on computer devices that are taken off school premises.  At this stage we are not in a position to offer guidance about the need or otherwise to encrypt computers and file servers which remain securely on a school site, however it is under investigation.

If you are considering applying this method of security to any computer devices in your school which you think may be taken off-site:

• data encryption must not be attempted on any file servers or computer devices configured as RM Community Connect 3 or 4 workstations;
• storage devices such USB sticks are best encrypted in their entirety;
• staff laptops that hold personal data should have an encrypted ‘container’ created where all sensitive data should be stored;
• existing SIMS ‘master’ PCs should not be encrypted at this stage.  SITSS are considering the feasibility of encrypting the whole of the hard drive on all new SIMS ‘master’ computers.  We are also investigating the possibility of encrypting existing, older SIMS ‘master’ PCs;
• backup media must be kept secure at all times.

Warning – keep your encryption password in a safe place.  Access to encrypted drives and ‘containers’ is controlled by password - should you loose it you will NOT be able to access your data!

Download and print the above information:

• Word 2003, 27kb/1 page, 08/01/2009, encryption.doc

Headteacher Guidance on Data Security New

• Word 2003, 262kb/15 pages, 01/06/2010, head_guidance_for_schools_on_data_security_may_2010.doc

Network Manager/MIS Administrator or Manager Guidance on Data Security New

• Word 2003, 215kb/10 pages, 01/06/2010, network_manager_guidance_for_schools_on_data_security_may_2010.doc

SIRO/IAO Guidance on Data Security New

• Word 2003, 264kb/18 pages, 01/06/2010, siro_iao_guidance_data_security_may_2010.doc

Staff Guidance on Data Security New

• Word 2003, 101kb/8 pages, 01/06/2010, staff_guidance_data_security_may_2010.doc

Appendices

Protective Marking Scheme

• Word 2003, 76kb/1 page, 01/06/2010, protective_marking_scheme_information_assets_may_2010.doc

School Policy in Brief

• Word 2003, 29kb/1 page, 01/06/2010, school_policy_in_brief_may_2010.doc

Also see the 'Model School Policy for ICT Acceptable Use Incorporating eSafety, Data Security & Disposal of ICT Equipment' in the esafety section:

• eSsafety Policies for Schools

• top

Privacy Notice Guidance formerly known as Fair Processing (Pupil Census) Updated

The Information Commissioner has recommended that the term 'Fair Processing Notice' be replaced by 'Privacy Notice'. The DfE is therefore adopting this approach in its data collections from 2010, and has reviewed the whole process of issuing Privacy Notices.
The new approach is that a single, short and easily understandable Privacy Notice will be provided to pupils and staff by the school or LA.

• Word 2003, 47kb/2 pages, 06/08/2010, pupil_privacy_notice_primary_2010_11.doc revised
• Word 2003, 49kb/2 pages, 06/08/2010, pupil_privacy_notice_secondary_2010_11.doc revised

Privacy Notices 2010/11

Please see below the announcement made by the DfE in July 2010 ICES Bulletin.

Updated versions of the Privacy Notices for Department for Education data collections will be available shortly. These versions will posted on the HfGL as soon as available.

The updated Privacy Notices will be for:

• Pupils in Schools, Alternative Provision and Pupil Referral Units and children in Early Year Settings
• Children in Need or looked after by the Local Authority
• School Workforce: those employed, or otherwise engaged to work, at a school or the Local Authority

The core information in the Privacy Notice is largely unchanged. The only amendments are to incorporate the new Department for Education name and a reference to the Learning Records Service.

Within the Privacy Notice there is reference to a linked document which outlines how DfE uses pupil and children data and other organisations with whom it shares such information. This document has been amended to reflect a number of organisational changes which have taken place and also indicates revised uses of information where applicable.

• top

Freedom of Information Act 2000 & Document Retention

Guidance in responding to requests for information under the 'Freedom of Information'

• Acrobat pdf, 53kb/5 pages, 04/04/2007, awareness_guidance_11.pdf

Retention Guidelines for Schools

• Acrobat pdf, 164kb/21 pages, 18/08/2006, retention_guide_feb_06.pdf

Records Management Toolkit for Schools

• Acrobat pdf, 441kb/19 pages, 18/08/2006, toolkit_feb_06.pdf

Freedom of Information Act 2000: Starter Guide for Schools

• Word97, 51kb/9 page, 24/11/04, foi_starter_guide.doc

Freedom of Information Act 2000: Introduction for Schools

• Word97, 27kb/2 page, 24/11/04, foi_2000_schools.doc

• top

Publication Schemes

Schedule for publication schemes:

• Word97, 28kb/1 page, 04/11/03,
  sched_publ_schemes.doc

Guidance letter on Publication Schemes:

• Word97, 35kb/2 pages, 04/11/03, ltr_publ_schemes.doc

Model publication scheme for schools with Nursery aged pupils:

• Word 2003, 108kb/6 pages, 26/04/2006, nurseryschools_model.doc

Model publication scheme for schools with no Secondary aged pupils:

• Word97, 108kb/3 pages, 21/11/06, primaryschools_model1.doc

Model publication scheme for schools with Secondary aged pupils:

• Word97, 113kb/7 pages, 21/11/06, sec_schools_model1.doc

Explanatory Notes for the Model Publication Scheme for Schools:

• Word97, 103kb/4 pages, 21/11/06, schools_explanatory_notes.doc

Explanatory Notes for the Model Publication Scheme for Maintained Nursery Schools

• Acrobat pdf, 135kb/5 pages, 26/04/2006, nursery_explanatory_notes.pdf

• top

Privacy Notice Guidance formerly known as Fair Processing (Workforce)Updated

The Information Commissioner has recommended that the term 'Fair Processing Notice' be replaced by 'Privacy Notice'. The DCSF is therefore adopting this approach in its data collections from 2010, and has reviewed the whole process of issuing Privacy Notices.
The new approach is that a single, short and easily understandable Privacy Notice will be provided to pupils and staff by the school or LA.

For Information
The Information Commissioner has recommended that the term 'Fair Processing Notice' be replaced by 'Privacy Notice'. Both the DCSF and Hertfordshire County Council are therefore adopting this approach in its data collections from now on, and have reviewed the whole process of issuing Privacy Notices.

In the past, the suggested text has included the use of school information made available by the LA or the DCSF. However, the new process will mean much simpler Privacy Notices, where details of any organisations with which the LA and DCSF share data are contained on the LA and DCSF websites, with links from the Privacy Notices. This means that Privacy Notices do not need reissuing on an annual basis. Any changes to the details of organisations with which school or LA data is shared will be updated on the LA and DCSF websites.

For Action
In order to ensure that all staff have been provided with an appropriate form of notice it will be necessary for schools to inform all current staff of the change to this Privacy Notice. As you will note from the information provided above, the systematic changes made by Hertfordshire and DfE should prevent the need to reissue this notice to staff in the future as the legislation currently stands.

It will be every school’s responsibility to issue a Privacy Notice to all staff that commenced employment with your school before 01.10.2010 (this could be via a copy being posted on the staff notice board and staff being made aware of its existence) and for those schools not buying into the HR Transactions Service (managed by Serco) there will be an additional requirement to issue these notices to all new staff as and when they join. Those schools purchasing the HR Transactions Service with staff commencing employment after that date will have their Privacy Notices issued with their contract of employment.

Staff Privacy Notice - August 2010

• Word 2003, 48kb/2 pages, 31/08/2010, staff_privacy_notice_autumn_2010.doc

2010 School Workforce Census (including pilots in 2009) Cover Letter

• Word 2003, 46kb/2 pages, 06/09/2009, schoolworkforce_census_cover_letter_oct09.doc

Privacy Notice 2010 School Workforce

• Word 2003, 42kb/1 page, 01/09/2009, privacy_notice_2010_school_workforce_v4_final_edited.doc

• top

Guidance in Responding to FoI Request for ICT Equipment Numbers, Investment, etc (TE) June 2010

• Word 2003, 47kb/2 pages, 01/07/2010, draft_response_foi_june2010v2.doc

• top