Close
There is a lack of clear standards relating to how school records should be secured. As a result, the level of security varies from school to school, and sometimes within an institution itself. What can you do to ensure your school is exercising best practice with your school records?
Within Australia, there appears to be no clear standards in any State relating to when and why we should secure school records.
As a result, the level of security varies from school to school, and sometimes within an institution itself. The size of the school and the attitudes of the head administrators can affect to some extent whether it limits access to all student records or opens them to a broader group.
Individual teachers can also further restrict their files on each student, often because this is where they place their notes, which may be of a sensitive nature.
So, we all have to ask ourselves:
When do we secure records so that only select persons can view them
When do we secure files so that all can see that they exist but cannot gain access and
What data is considered sensitive?
The answers to these questions will vary, but as a general rule we should consider that all information should be open and only secured by exception.
If we are securing a large volume of information, we will need time and resources to ensure that records remain secure and accessible to whatever select group has authority. If we only secure information that is considered sensitive or needs to be protected, it makes administration much easier.
Examples of sensitive information include human resource records, student grading records or records of student counselling sessions. Protected files are those which could cause harm or damage if released, for example, security codes for buildings, credit card details or commercially sensitive tender documentation.
Undertaking a risk assessment of all known record types held in your office against some defined criteria is the first step to determine which records need to be secured. If the files are not considered sensitive or protected, then they should remain accessible to all staff. Staff will be more efficient in their roles if they have access to all required information.
If you are still unsure, and would rather err on the side of caution, most electronic records can usually have controls applied, where all staff can see that it exists but are unable to read or modify it. In this case, the staff member can contact the record owner and request access.
Take action today
There are some easy steps that you can take today that will start you on the journey of securing your data correctly.
Firstly, as an administrative team, you should determine security levels or access criteria for your information. Once you have decided on the access levels, you can prepare a risk matrix of all known record types within your school data infrastructure.
The key to success is to communicate the criteria and procedure to all staff. This may include any contractors or third-party suppliers that might need to access or work with your information.
By: Anne Cornish, CEO and Owner of Records Solutions
Anne has over 35 years’ experience in data and records’ management specialising in the government and education sector. Like most other industries, information management has undergone a significant change in recent years. There are new and unique challenges associated with digitisation and moving to the Cloud. Anne has been instrumental in leading schools through this transition and navigating current trends.
She has worked on projects that include:
statewide implementation of an eDRMS, electronic document and records management system for all offices and schools in Queensland
school archiving and disposal projects in both NSW and Victoria
capture and digitisation of records in large independent schools in Queensland.
Anne represented Australia in developing International Information Standards (ISO 15489) and continuously lobbies to promote the importance of records’ management in all schools
For forward-thinking legal firms alternative legal services (ALT) an exciting opportunity to shape the future. Is ALT the next step for your practice?
Learn how Canon helps the Simpson Grierson law firm to securely print and scan, as well as easily access and retrieve crucial documents at any of their three locations around New Zealand.
Canon’s uniFLOW print management software can connect with major practice management software
Law firms can make errors when considering their printing and document management
Managing your information security is a complex business. Like any device connected to your network, your printers could be jeopardising your information security if not implemented and managed carefully.
Whether you’re leading a law firm or an alternative legal practice (ALT), blockchain is set to revolutionise the way you do business. You will soon be using it yourself or guiding your clients as they get to grips with it.
AI has shifted from being experimental technology to the mainstream. Here are six areas where AI is impacting the legal industry right now.
As technology enters classrooms, auditoriums and libraries, it brings new risks to the education sector. All it takes is one click from a student device to potentially compromise your entire network. Faced with these various threats, does the education sector receive a ‘High Distinction’ for its efforts to protect its troves of student and staff data? Recent findings from the inaugural Canon Business Readiness Index on Security suggest not.
In this digital world, data management is a significant responsibility and a data breach is an equally significant risk. Should things go wrong, businesses must take steps to minimise the impact. With the changes to the Privacy Act coming into effect this week, Andrew Giles, Head of Public Relations and Communications for Canon Australia, shares insights on how to preserve trust and maintain strong customer relationships.
If you're on the Internet, you face security risks. You can no longer afford to assume that your business won't be a target because you're not big enough. Here are some big business takeaways that can substantially benefit your business' security.
In February, Australia’s privacy laws will change. If your school is non-government and earns more than $3 million a year in revenue, then these changes will apply to you.
