+ Post New Thread
Results 1 to 13 of 13
How do you do....it? Thread, Are we are breaking any data protection or laws by ID smart cards with SIMS photogra in Technical; ...
  1. #1
    MicrodigitUK's Avatar
    Join Date
    May 2007
    Location
    Wiltshire
    Posts
    336
    Thank Post
    37
    Thanked 55 Times in 51 Posts
    Rep Power
    24

    Are we are breaking any data protection or laws by ID smart cards with SIMS photogra

    I think I know the answer to this but Iíve been asked to do a bit of research, so thought Iíd ask the experts.

    Are we are breaking any data protection or laws by letting the School catering company issue ID smart cards with SIMS photographs and names on to the students for them to buy lunches etc? Data sent to catering company on password protected ZIP

    Should we have parental consent for this?

  2. #2

    Join Date
    Sep 2008
    Location
    Durham
    Posts
    129
    Thank Post
    1
    Thanked 30 Times in 28 Posts
    Rep Power
    25
    Yes you need parental consent.

    As long as the catering company is also registered to use personal data and is compliant with the necessary regulations, a password encrypted zip file should be sufficent to transfer the data to them.

  3. #3

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,625
    Thank Post
    918
    Thanked 1,336 Times in 816 Posts
    Blog Entries
    1
    Rep Power
    448
    Quote Originally Posted by riffleman View Post
    Yes you need parental consent.

    As long as the catering company is also registered to use personal data and is compliant with the necessary regulations, a password encrypted zip file should be sufficent to transfer the data to them.
    Word of warning, default zip encryption is very weak and I doubt would be considered secure. Use a zip program (7Zip) that supports AES 256bit at least.

  4. #4

    LosOjos's Avatar
    Join Date
    Dec 2009
    Location
    West Midlands
    Posts
    5,498
    Thank Post
    1,456
    Thanked 1,201 Times in 814 Posts
    Rep Power
    712
    +1 for 7zip it's really not difficult to crack a zip password, especially files zipped with the Windows integrated zip manager

  5. #5

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by LosOjos View Post
    +1 for 7zip it's really not difficult to crack a zip password, especially files zipped with the Windows integrated zip manager
    I feel a challenge coming up.....

  6. #6

    LosOjos's Avatar
    Join Date
    Dec 2009
    Location
    West Midlands
    Posts
    5,498
    Thank Post
    1,456
    Thanked 1,201 Times in 814 Posts
    Rep Power
    712
    Feel free, the fact is that failing to use the strongest form of encryption reasonably available to you is never a good idea, but if you want to challenge it go for it

  7. #7


    Join Date
    Feb 2007
    Location
    51.403651, -0.515458
    Posts
    9,065
    Thank Post
    232
    Thanked 2,717 Times in 2,005 Posts
    Rep Power
    795
    An AES-256 encrypted 7Zip file, inside an AES-256 encrypted TrueCrypt container on an AES-128 encrypted SecurDisc DVD should do the trick.

  8. #8

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,625
    Thank Post
    918
    Thanked 1,336 Times in 816 Posts
    Blog Entries
    1
    Rep Power
    448
    Quote Originally Posted by Arthur View Post
    An AES-256 encrypted 7Zip file, inside an AES-256 encrypted TrueCrypt container on an AES-128 encrypted SecurDisc DVD should do the trick.
    All using 1234 as the password ftw (just like my suitcase)

  9. #9
    MicrodigitUK's Avatar
    Join Date
    May 2007
    Location
    Wiltshire
    Posts
    336
    Thank Post
    37
    Thanked 55 Times in 51 Posts
    Rep Power
    24
    Do we really need parental consent as the photo is only on the ID card and destroyed from there printing system once card is printed? The photo is already stored in SIMS/Frog/AD so should we need parental consent for that in the first place?

    Photo is used just to stop them stealing each other’s cards and using them to pay for there dinner?

  10. #10

    Join Date
    Sep 2008
    Location
    Durham
    Posts
    129
    Thank Post
    1
    Thanked 30 Times in 28 Posts
    Rep Power
    25
    You're on dodgy ground when trying to determine "if" you need parental consent. Always assume you do.

  11. #11

    LosOjos's Avatar
    Join Date
    Dec 2009
    Location
    West Midlands
    Posts
    5,498
    Thank Post
    1,456
    Thanked 1,201 Times in 814 Posts
    Rep Power
    712
    You need parental consent because you are sending their child's photo along with identifiable data outside of the school. Internal systems are different, they are there to help staff identify students who they are working with on a daily basis, once you send data to external companies you need consent.

    Just send out a letter explaining why you are sending out the data and that the third party company (I presume!) comply with all the necessary data protection laws and good practices.

  12. #12

    Hightower's Avatar
    Join Date
    Jun 2008
    Location
    Cloud 9
    Posts
    4,920
    Thank Post
    494
    Thanked 690 Times in 444 Posts
    Rep Power
    241
    Quote Originally Posted by LosOjos View Post
    Feel free, the fact is that failing to use the strongest form of encryption reasonably available to you is never a good idea, but if you want to challenge it go for it
    I didn't mean to challenge it in that way

    I meant I thought it might be fun to create a passworded zip, and see who can crack it.

  13. #13

    LosOjos's Avatar
    Join Date
    Dec 2009
    Location
    West Midlands
    Posts
    5,498
    Thank Post
    1,456
    Thanked 1,201 Times in 814 Posts
    Rep Power
    712
    Quote Originally Posted by Hightower View Post
    I didn't mean to challenge it in that way

    I meant I thought it might be fun to create a passworded zip, and see who can crack it.
    Go for it, I've had a few beers and I'm feeling a challenge lol

SHARE:
+ Post New Thread

Similar Threads

  1. Data Protection - Transfer data to others
    By Dancer in forum School ICT Policies
    Replies: 3
    Last Post: 17th March 2010, 12:33 AM
  2. Data protection
    By beeswax in forum General Chat
    Replies: 6
    Last Post: 24th April 2009, 02:18 PM
  3. Data Protection
    By Ben_Stanton in forum School ICT Policies
    Replies: 8
    Last Post: 11th December 2008, 01:36 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •