How do you do....it? Thread, Teacher wants a mapped drive to access to all our students network folders in Technical; My last school just mapped a drive for all staff, and it's written into the AUP here that staff can ...
12th March 2012, 10:40 AM #16
My last school just mapped a drive for all staff, and it's written into the AUP here that staff can access student areas, although in practice it's not given here. What we do have is a separate mapped drive for all users called Submissions, with a variety of odd permissions on it - students can then save into this drive specifically (but not delete from it!) and teachers can then mark it at their leisure. No worries about accessing private areas then.
IDG Tech News
12th March 2012, 10:47 AM #17
Well in that case I would have thought that staff would have had a reason to go looking rather than accidently discovering the fact. In real terms teachers are not going to have the time to search through all files just in case there is something in there which might prove to be a problem. Thats why in the past I have run scipts to search users area for specific file names/text which found files saved on the pupils area with lists of proxy websites etc. However, I realise some schools do allow staff access to read the files and also don't see this too different from access to pupils books. BUT whatever you do, ensure that it is documented and part of your AUP so if anything happens you have a paper trial which specifies how the network is used and why you have made any changes.
Originally Posted by BatchFile
BTW - I have worked in places which used a shared area & VLE to submit work for marking which worked well. We also had permissions for staff to access pupils area for those times where pupils worked in groups and then the one who stored the work was off for the next session. This allowed staff to copy over files for pupils to continue working, but not all staff were interested in doing this as it was not in their JD.
Last edited by penfold; 12th March 2012 at 10:50 AM.
12th March 2012, 10:53 AM #18
Some discussion on how DPA relates to this:
- If anyone is in any doubt, students work is 'personal data' under the DPA as it meets the definition found here of "Data 'obviously about' a particular individual". However, it would not usually be considered sensitive personal data, which is subject to stricter safeguards.
- You are allowed to access or process personal data if proper consent is given. Depending on the age of your pupils, this consent is either given by the pupils themselves or their parents. In most cases, consent will already have been given for teachers to access more sensitive information that is normally stored in pupil areas (i.e. confidential pupil records) and most MIS products do not limit this access to teachers who actually teach a pupil. Whether existing consent applies to files in a pupil's work area will depend on the wording used in your school.
Our staff have read-only access to all pupils via a mapped drive. We are primary level. We have the relevant consent in place and it is made very clear to the pupils that staff can access the files stored in their area.
My take on it is this: a student's work area is not intended to be for personal use, it is for school use. Those files are not their personal files. They are work produced for the school*. Teachers would have equal (or greater) access to anything put in their drawer in the classroom or physically stored almost anywhere else in the school. The exception to this might be pupil's lockers, if you have them. We don't.
I can see the argument that the area can be perceived as 'personal' because it is secured by a password, but the password is not there to keep teachers out and create a private area; it is there to prevent tampering by other pupils.
* Also worth noting that in the case of employees (teachers), work produced for the school is specifically defined by contract as the legal property of the school. The same usually applies to students' work in universities. While I don't know that we state it explicitly for our pupils' work, I'd be very surprised if the position differed for schools.
Last edited by AngryTechnician; 12th March 2012 at 10:55 AM.
5 Thanks to AngryTechnician:
BatchFile (12th March 2012), elsiegee40 (12th March 2012), GrumbleDook (12th March 2012), SimpleSi (12th March 2012), zachariah (21st March 2012)
12th March 2012, 11:02 AM #19
All schools that I have worked in give staff have read only access. I find different departments seem to like working in different ways, most ICT teaching staff prefer to have direct access to student homes for marking.
As overs have said here, I can't see the problem of giving staff read access to students data. Clear it with Line manager or SMT if it is a new facility that staff want.
Instead of giving every staff member read ony is create a group and give that group read access, add the staff that need access to that group. This will give you better future control.
12th March 2012, 11:03 AM #20
And this is where you AUP comes into play. We have had to have numerous conversations with staff who use the network as their own personal storage/backup area by putting personal (often illegal) content onto the WORK network. It is not designed for this purpose and as such any personal files which are lost are NOT ITs responsibility and we will not spend time trying to recover files which are not work related. (OK we may, but that is not the official stance). So long as you have documented who has access to what you shouldn't have a problem.
Originally Posted by AngryTechnician
Thanks to penfold from:
BatchFile (12th March 2012)
12th March 2012, 11:08 AM #21
- Rep Power
1.If anyone is in any doubt, students work is 'personal data' under the DPA
as it meets the definition found here of "Data 'obviously about' a particular individual". However, it would not usually be considered sensitive personal data, which is subject to stricter safeguards.
My thoughts are that an individual teacher should not be given access. DP Principal 3 states that “Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed” so to give access to all pupils (including the ones that are not taught by the teacher) would not be appropriate.
Principal 6 states that “Personal data shall be processed in accordance with the rights of data subjects under this Act” and I think that to give access to an area that is password protected by the students would again be inappropriate.
So if it is personal data then DP says to give access to all pupils (including the ones that are not taught by the teacher) would not be appropriate.
can you state in your AUP that it is not Personal if students work is 'personal data' under the DPA as it meets the definition ?
Last edited by sjpage10; 12th March 2012 at 11:20 AM.
12th March 2012, 11:26 AM #22
That's one person's opinion that giving access to all staff would not be appropriate. It's not a fact. It might be correct, but without actual legal guidance I would take it with a pinch of salt. As I mentioned, most MIS systems give access to confidential data to teachers that don't teach a child. Do you also regard that not appropriate, and should we therefore automatically assume those systems are not DPA compliant?
I suppose what I should really have said is that student work areas are not private areas. Data can be "personal" under the DPA without being private.
Last edited by AngryTechnician; 12th March 2012 at 11:31 AM.
12th March 2012, 01:23 PM #23
We recently gave our teaching staff access to the pupils' MyDocs folders, and they are very happy with this for the following reasons:
* makes homework submission easier (shared areas are too prone misuse/abuse as pupils delete/rename/overwrite other pupils' work)
* allows the teacher to monitor progress on an ongoing task
* allow teachers to access collaborative work stored in one pupil's area so the others can carry on if the "owner" is off sick
* is used when pupils forget to print work off
* is used by a teacher to show pupils' work to the rest of the class
* can be useful in pastoral issues
We don't impose restrictions surrounding which pupils' work they can see, but trust their professional conduct (as with MIS data, etc, as already mentioned, or emails sent to the All Staff group). The access is only available to teaching staff, not admin or support staff.
As others have said, the areas are not to be considered as personal, private areas - they are areas which the pupils have in order to do their school work. The same goes for staff MyDocs folders too; they all know that I can see them and SLT may ask for access to them. If you don't want something seen, don't put it on the school's network; that is what pen drives and your personal, private, home computer are for.
Thanks to enjay from:
zachariah (21st March 2012)
12th March 2012, 01:36 PM #24
As all employees of a school have a duty of care over each and every child in the school there is a reasonable presumption that some or most information about that child may need to be accessed by any member of staff. Areas where this is not the case is usually related to health or specific relationship information and access to this should only be given to the relevant members of staff. Within MIS there are granular contrails over this data or to modules which enable access to this data and so most MIS will meet the 8 principles. (paraphrased from notes at Information Handling and Data Security working group meetings, Becta 2008)
To summarise a few other bits (most mentioned above)
1 - The school should clearly set out in its AUP what it expects of users (staff and students) with regards to use of the school systems to hold personal files.
2 - Access to areas which might contain personal files should be restricted yet that should not interfere with the school's duty of care.
3 - Can of worms ... lets go fishing!
Ok, in reality I think most people are forgetting what is personal data and what is 'personal' files. Someone writing down a story that is nowt to do with their school work is a personal file, but is not likely to hold personal data ... this is a question about IPR surely, not about data protection. Also remember that even 'work' files can hold personal data ... take a geography lesson where children complete questionnaires about extra-curricular activities ... this could be a spreadsheet listing what each child in a class does after school, what route they walk home, etc ... yet this is in the work area?
Again, a reality check says that this sort of information is readily accessible by the staff in the school and so would be fine to access ... and the main concern should be about whether information is written down about bullying, disclosures, etc. This falls under Duty of Care and if there is a concern then it gets fed through the CPO at the school, they request access to information and deal with it. If staff have ready access to the home areas of children dn come across such information then the school needs to have a clearly set out policy of how it is reported and dealt with. Not a DP issue, but an important one nonetheless.
Also remember that the school already has granted explicit access to one or more members of staff to be able to access every file and folder ... and that trust should be explicit in your job description and contract. To also give that to other staff is a leap, but not a big one. This really is a case of not whether you can do it, but more of how you manage it and the processes to cover things and make sure nothing falls through any gaps. In risk management terms ... avoid the risk by giving no-one access ... or share the risk with staff members but you have to educate them and bind them to some rules! Remember that some staff might not *want* that responsibility!
Thanks to GrumbleDook from:
BatchFile (12th March 2012)
12th March 2012, 02:07 PM #25
Our Head has recently told us to give him access to all staff My Docs areas.
12th March 2012, 02:15 PM #26
Another reality check: I thought the Education Act said teachers can rifle through content on their *personal* mobile phones etc. [Haven't read it directly, so please correct if you definitely know otherwise]
12th March 2012, 02:47 PM #27
Yes, but only if there is 'reasonable suspicion' that they are doing something with it that they shouldn't be. Fishing expeditions are still out.
Originally Posted by PiqueABoo
Teachers can now search for and confiscate a phone simply due to it not being allowed in school, but to look through it they need to have a good reason. For example, if an accusation of cyberbullying was made, or the teacher themselves reasonably suspected this was the case, they could search the phone for evidence of cyberbullying.
12th March 2012, 02:54 PM #28
If you have an AUP in place highlighting that the storage area is for school work only, not personal files, then there isn't a data protection issue here as far as I can see - access to school work is part of the day to day running of the school, and as such covered by the normal data protection agreements etc... put in place to cover far more sensitive information (eg. the stuff in your MIS). Read only access is fine, and it is what I put in place at my last school.
Last edited by localzuk; 12th March 2012 at 02:58 PM.
12th March 2012, 03:03 PM #29
Document sharing would be easier, certainly - our Head and PA do everything in a (appropriately-secured) folder in the Shared Area for this very reason. Same goes for accessing resources when staff are unexpectedly absent. If it is because of a trust issue, or something, then it leaves a slightly different taste in the mouth, mind you, but that's not really relevant. Ultimately, so long as staff are told about this, then that's fine.
Originally Posted by stevenewman
12th March 2012, 03:12 PM #30
As far as I'm aware, they haven't been. I've certainly not been told.
Originally Posted by enjay
By dombera in forum Windows 7
Last Post: 9th August 2012, 11:37 PM
By Admiral208 in forum How do you do....it?
Last Post: 27th October 2011, 09:34 PM
Last Post: 18th March 2011, 06:20 PM
Last Post: 22nd September 2010, 04:16 PM
By Olumite in forum Network and Classroom Management
Last Post: 8th October 2007, 01:05 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)