In this blog series, Kevin Robinson explores the various risks to school IT systems and presents practical solutions for minimising them.
New General Data Protection Regulations (GDPR) will come into force on 25 May 2018 to replace previous Data Protection laws, and they’ll set significantly higher standards for the way that all organisations – including schools – manage and store their data.
Amongst a litany of other changes, schools must be able to show complete transparency with their systems for data storage and management and have clear procedures in place to deal with a suspected data breach.
Ultimately, these regulations exist to protect the people whose data is held by any type of organisation, and if organisation’s aren’t able to show exactly how their data is stored and managed, they could face hefty fines.
As data owners, schools can benefit from being much tighter on security and storage of that data, both in-school and beyond.
For example, what would happen if one of your SLT was carrying around removable media like disks or data sticks which could identify pupils, and that data was accidentally dropped on a bus or train?
This is another area where using cloud-based systems can support schools in the transparency and security of their systems.
If your critical data is stored in the cloud, your team can use tools like Google Drives, which removes the need memory sticks and it has the added benefit of increasing collaboration and sharing.
Being able to access your work in the cloud from anywhere – using secure passwords – gives schools much greater control and transparency over where and how their data is stored.
For schools who work with multiple IT support partners, we’d recommend carrying out careful checks and due diligence on their supplier’s data systems to make sure they are completely reliable and in line with GDPR standards too.
Check out our other Risk Management blogs in this series at www.rm.com/outsource