MIS Systems Thread, What information do you allow when accessing MIS from home? in Technical; Hi guys and gals,
In terms of teachers accessing MIS from home, what data do you make available to them? ...
14th November 2012, 12:57 PM #1
What information do you allow when accessing MIS from home?
Hi guys and gals,
In terms of teachers accessing MIS from home, what data do you make available to them? What are the relevant parts of DPA that relate to this? So, we can allow access solely for report writing with no real identifiable/personal data. But, is there a good reason to allow access to things like DOB, contact details (including phone numbers and address) of parents/guardians etc..
Thanks in advance
14th November 2012, 01:36 PM #2
Which MIS do you use? The answer to that may control / restrict what you can let them see anyway.
Broadly speaking if you can, limit it to only what they need. If they're just putting marks in, then just give them assessment areas. If they need contact numbers and SLT approve the action then fine, but if you can limit it, then it's just a safer system.
14th November 2012, 02:09 PM #3
The relevant parts of the DPA are nothing more than the same parts that relate to onsite usage. There is nothing prescriptive in the DPA about remote access.
The only part of our MIS we expose for remote access is basic contact details for pupils and those people listed as emergency contacts for each pupil. We give staff this because we would rather they access the data remotely using a (strong) password than print out the details on paper and leave them lying around somewhere on a trip.
At one point there was strong guidance from the DCSF that remote access had to use two-factor authentication, but that guidance was swept away when the Tories got in, because we can just apparently do whatever we want now and market forces will determine who's right.
14th November 2012, 02:10 PM #4
They get the same access externally as they do in school here.
14th November 2012, 02:12 PM #5
...and what information do they have access to inside school? Addresses and contact details of parents (and therefore child, more often than not) and guardians etc..?
Originally Posted by FN-GM
14th November 2012, 02:13 PM #6
Thank you. Seems sensible. At the end of the day, if they wanted address details for malicious reasons, then they could be taken from school anyway.
Originally Posted by AngryTechnician
14th November 2012, 02:14 PM #7
We use PASS/3SYS. It is very customisable and I can restrict most things.
Originally Posted by vikpaw
14th November 2012, 02:18 PM #8
They have that (I Think) our data manager looks afters sims perms
Originally Posted by Ben_Stanton
14th November 2012, 02:21 PM #9
You give access to whatever is deemed relevant and then combine it with policies to ensure that it is accesses, processed and shared appropriately.
Access to DOB, etc might be given to allow pastoral staff (eg form tutors) to plan for birthdays or other notable events.
Address might allow for planning of home visits.
Other details might be part of letters home ...
The list could go on but it has to be agreed by the schools and it has to also be appropriate for work / life balance.
It is not so much what data can be shared, but where. You might allow remote access but how to do you specify that it should be done on a machine which is not viewable by others (ie those who have no rights to see or process the data)? You can do some of this with tech (ie lock it down so it is not accessible outside of school) or you can use policies / procedures.
This is related to Data Protection Principle 7.
Thanks to GrumbleDook from:
AngryTechnician (14th November 2012)
14th November 2012, 02:48 PM #10
Thank you very much GrumbleDook
Originally Posted by GrumbleDook
14th November 2012, 02:49 PM #11
We don't allow any access at all.
14th November 2012, 03:08 PM #12
Same access externally as they get internal here as well.
Have had a bit of extra piece of mind since we mixed in security certs into the authentication process of our remote PCs as well – this way even if someone were to figure out a staff members password they would need a valid AD security cert to actually connect.
14th November 2012, 11:09 PM #13
Allow remote access to the same as they would have in school but dual factor encrypted authentication using app with encrypted key built in so dual factor is seamless for user, locks machine, after a few minutes or whatever the school wants if not used and other security features inluding logging so who has accessed the system etc for auditing, tracebility.
The reason we use Dual Factor is so that if a student knew a staff username and password would not be able to access MIS systems externally.
Use polices with staff as well as security to enforce use.
Feel this is better than allowing data to go offsite and this is explained at various meetings via SLT and through school policies adn consequences.
Last edited by Steven_Cleaver; 14th November 2012 at 11:16 PM.
15th November 2012, 08:04 AM #14
The thing about remote access is, what if they leave the machine logged on, but are in an internet cafe in the costa del sol, or stuck at the airport. Even at home, if they print something out, then leave it lying around. The same issues exist at school, and the data could be taken home, but when you're not even aware of what is happening or where, it's an extra factor of potential trouble. I'd still be asking what they need and why. Doing reports from home is great, filling in behaviour reports after the fact, looking up phone numbers for parents or other things which are not essential and just a convenience i'd probably say isn't a necessity.
15th November 2012, 10:52 AM #15
Same as in school over RDP.
By b_m in forum Internet Related/Filtering/Firewall
Last Post: 24th May 2012, 11:52 AM
By HCC in forum How do you do....it?
Last Post: 18th June 2010, 08:42 PM
By link470 in forum Windows
Last Post: 4th September 2009, 09:08 PM
By johnhunsley in forum MIS Systems
Last Post: 9th December 2008, 04:48 PM
By Disease in forum MIS Systems
Last Post: 13th December 2007, 10:04 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)