How do you do....it? Thread, Are we are breaking any data protection or laws by ID smart cards with SIMS photogra in Technical; I think I know the answer to this but Iíve been asked to do a bit of research, so thought ...
4th February 2011, 04:19 PM #1
Are we are breaking any data protection or laws by ID smart cards with SIMS photogra
I think I know the answer to this but Iíve been asked to do a bit of research, so thought Iíd ask the experts.
Are we are breaking any data protection or laws by letting the School catering company issue ID smart cards with SIMS photographs and names on to the students for them to buy lunches etc? Data sent to catering company on password protected ZIP
Should we have parental consent for this?
IDG Tech News
4th February 2011, 04:22 PM #2
Yes you need parental consent.
As long as the catering company is also registered to use personal data and is compliant with the necessary regulations, a password encrypted zip file should be sufficent to transfer the data to them.
4th February 2011, 04:43 PM #3
Word of warning, default zip encryption is very weak and I doubt would be considered secure. Use a zip program (7Zip) that supports AES 256bit at least.
Originally Posted by riffleman
4th February 2011, 04:46 PM #4
+1 for 7zip it's really not difficult to crack a zip password, especially files zipped with the Windows integrated zip manager
4th February 2011, 04:48 PM #5
I feel a challenge coming up.....
Originally Posted by LosOjos
4th February 2011, 04:58 PM #6
Feel free, the fact is that failing to use the strongest form of encryption reasonably available to you is never a good idea, but if you want to challenge it go for it
4th February 2011, 05:12 PM #7
An AES-256 encrypted 7Zip file, inside an AES-256 encrypted TrueCrypt container on an AES-128 encrypted SecurDisc DVD should do the trick.
4th February 2011, 05:16 PM #8
All using 1234 as the password ftw (just like my suitcase)
Originally Posted by Arthur
4th February 2011, 05:36 PM #9
Do we really need parental consent as the photo is only on the ID card and destroyed from there printing system once card is printed? The photo is already stored in SIMS/Frog/AD so should we need parental consent for that in the first place?
Photo is used just to stop them stealing each other’s cards and using them to pay for there dinner?
4th February 2011, 05:43 PM #10
You're on dodgy ground when trying to determine "if" you need parental consent. Always assume you do.
4th February 2011, 05:43 PM #11
You need parental consent because you are sending their child's photo along with identifiable data outside of the school. Internal systems are different, they are there to help staff identify students who they are working with on a daily basis, once you send data to external companies you need consent.
Just send out a letter explaining why you are sending out the data and that the third party company (I presume!) comply with all the necessary data protection laws and good practices.
4th February 2011, 08:12 PM #12
I didn't mean to challenge it in that way
Originally Posted by LosOjos
I meant I thought it might be fun to create a passworded zip, and see who can crack it.
4th February 2011, 09:21 PM #13
Go for it, I've had a few beers and I'm feeling a challenge lol
Originally Posted by Hightower
By Dancer in forum School ICT Policies
Last Post: 17th March 2010, 01:33 AM
By beeswax in forum General Chat
Last Post: 24th April 2009, 03:18 PM
By Ben_Stanton in forum School ICT Policies
Last Post: 11th December 2008, 02:36 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)