We are currently using or investigating the possibility of using severall off-site services such as MIS, VLE, School Library, etc. This as thrown up the question of data protection and where we stand on the DP Act, etc. I'm currently researching this and looking to put together a document for SLT that gives some guidance to what data we have, where it is held and how it is secured along with out legal requirements. I've got the latest Becta Guidance thanks to a link from GrumbleDock in another thread on DP.

As anyone got any notes/documents/opinions/guides I can have/use related to this subject. I'm particuarly interested in legal requirements for security of documents placed on a VLE by staff that may contain personal information of pupils, eg Reports, etc.