Welcome Guest [Log in]

Sebastian Gasse :: Blog :: New Becta report on information handling in schools

September 11, 2008

default user icon
Sebastian Gasse

New Becta report on information handling in schools

http://elgg.learnblog.net/elearning/weblog/4987.html

Good practice in information handling in schools: Keeping data secure, safe and legal
Details at: http://schools.becta.org.uk/upload-dir/downloads/information_handling.pdf

Following several high-profile losses of personal data by government agencies, the Prime Minister ordered a review into how government agencies handle data. As a result of this review, the Cabinet Office published a report on 25 June 2008, called Data Handling Procedures in Government (http://www.cabinetoffice.gov.uk/reports/data_handling.aspx). This sets out how the government is "improving its arrangements around information and data security, by putting in place core protective measures, getting the working culture right, improving accountability and scrutiny of performance".
These measures require both technical solutions and a change in practice, and are being implemented across central government and other public bodies. As such, the intent of these procedures should also be followed by schools and local authorities. This document aims to distil the key messages outlined in Data Handling Procedures in Government so they are applicable to schools and is intended for school leaders, senior leadership teams, network managers and other members of staff who have responsibility for handling and securing data.

There are four accompanying good practice guides:
  • Impact levels and labelling
  • Data encryption
  • Audit logging and incident handling
  • Secure remote access.
These guides provide a description of the procedures and suggest possible technical and operational solutions that can assist schools in minimising the risk of data security incidents and complying with existing legislation. These good practice guides should be read by school network managers and those responsible for implementing technical solutions.
The underlying principle of this guidance is that schools should do everything within their power to ensure the safety and security of any material of a personal or sensitive nature.
In following this guidance, schools will be able to identify:
  • data and information assets (information, stored in any manner, which is recognised as important or "valuable" - not just in financial terms - or important to the organisation), with named owners responsible for them
  • a framework for ensuring sensitive data is correctly labelled, managed and protected
  • methods for the systematic assessment of risks and recording of data loss so that appropriate mitigating measures can be established
adapted from Naace

Posted by Sebastian Gasse

You must be logged in to post a comment.

AddThis Social Bookmark Button