+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
MIS Systems Thread, non Capita Personnel Database in Technical; So. Our Bursar has expressed concern that the Staff personnel details are being stored in the same database that all ...
  1. #1
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34

    non Capita Personnel Database

    So.

    Our Bursar has expressed concern that the Staff personnel details are being stored in the same database that all the Student details are being stored in.

    She is worried that some staff (support staff) are able to access names, addresses, etc, etc, for the staff (IE other teachers).

    So, I have been tasked to see if there are any other Personnal software(s) available, which there are, boatloads no doubt. But, obviously, I want something that is as easy to use as possible, doesn't link through to the SIMS .net database, but is stilll able to output files externally for the Census / pulse returns(or whatever the stupid thing is, that has the staff names), that we have to send up to the DCSF/LA every term.

    Basically, she doesn't trust Capita to make sure that SIMS .net has enough security, or that it is working.


    What does everyone else use ?
    Has anyone else expressed concerns about this access ?

    Does anyone have any useful solutions, that don't involve me being rude to the Bursar ?

  2. #2

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,665
    Thank Post
    850
    Thanked 893 Times in 738 Posts
    Blog Entries
    9
    Rep Power
    328
    Surely its the job of the NM to ensure that all users have the appropriate security set? That being the case if the staff are not alowed access to those details thier accounts on the MIS should be denied access to that area of the MIS? If this is not the case then the NM is at fault for not setting the MIS security permissions correctly.

  3. #3

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,680
    Thank Post
    516
    Thanked 2,451 Times in 1,897 Posts
    Blog Entries
    24
    Rep Power
    832
    We use SIMS.net, like most people - the permissions system in SIMS.net is pretty robust - people can only see staff details if they are given permissions to! If some staff are able to see those things, and they're not supposed to, then their permissions have been set incorrectly. Any software will have this problem - ie. garbage in garbage out errors.

    I would suggest that the Bursar needs to go on a training course regarding the system manager module, to be shown how graduated the control is, so her mind is put at ease. (I assume it is the bursar who is in control of the permissions in SIMS.net, as that's how it is here - our Bursar is also our SIMS.net manager. If not, then the bursar needs to speak to the person who does do this and get it sorted).

    Also, pointing out that the majority of schools in the UK use the module would indicate there isn't a problem!

  4. #4
    SteveB's Avatar
    Join Date
    Jun 2008
    Location
    Midlands
    Posts
    128
    Thank Post
    19
    Thanked 4 Times in 4 Posts
    Rep Power
    13
    Please also consider the headaches that will occur once Workforce Census is in full swing and you are having to manaully calculate from a Third Party app. Set the permissions so staff can't see any staff contact details.... done.

  5. #5

    Join Date
    Nov 2006
    Location
    Kendal
    Posts
    1,555
    Thank Post
    112
    Thanked 177 Times in 144 Posts
    Rep Power
    71
    As localzuk says - SIMS personnel is pretty robust. Most of our staff can't see personnel details such as addresses. The ones that can are meant to! It is pretty easy to make it that way and I can't imagine you'd find a product that is much different.

  6. #6

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,593
    Thank Post
    109
    Thanked 764 Times in 595 Posts
    Rep Power
    181
    AFAIK you would have to keep at least a subset of the information in SIMS anyway because of the way that Personnel ties in with the timetabling functions.

    I believe there's also ways to leverage your Personnel data in FMS too so that you can do budget forcasting for wages, etc. Perhaps your bursar doesn't realise that there are additional benefits like this?

    Another way to set their mind at rest would be to give them an account with the same security set as the person they don't trust and let them see what can and can't be accessed.

  7. #7

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,933
    Thank Post
    1,339
    Thanked 1,783 Times in 1,106 Posts
    Blog Entries
    19
    Rep Power
    594
    A good exercise to do to understand data ownership is to view all the present options and groups within System Manager and create your own groups rather than the Capita pre-defined groups. You can then document what access you have given to what groups and who is a member of those groups.

    It will also help your bursar understand how granular access can be.

  8. #8

    vikpaw's Avatar
    Join Date
    Sep 2006
    Location
    Saudi Arabia
    Posts
    5,851
    Thank Post
    672
    Thanked 1,383 Times in 1,145 Posts
    Rep Power
    350
    Agree with Localzuk and the others. I made a video yonks ago demonstrating editing sims permission groups.

    See these threads, maybe even direct the bursar to the threads.

    Restricting access to SIMS

    SIMS Support - Groups and Permissions

  9. #9
    Sivadam's Avatar
    Join Date
    Feb 2009
    Location
    Dronfield - Derbyshire
    Posts
    1,449
    Thank Post
    136
    Thanked 208 Times in 175 Posts
    Rep Power
    55
    The Permissions in SIMS as defined by System Manager are EXCELLENT.

    Sometimes this cannot be said of the ability of the person appointed as System Manager. It is vital that this person fully understand how SM works so that fears expressed in the original post are allayed.

  10. #10
    Jamman960's Avatar
    Join Date
    Sep 2007
    Location
    London/Kent
    Posts
    988
    Thank Post
    186
    Thanked 194 Times in 156 Posts
    Rep Power
    46
    I guess this is similar to how many schools had Admin and Curriculum networks and have since(in most cases) scrapped one of the networks in favour of having one network with good security in place to ensure people only see what they need to see. As above I'd stick with the one database for everything and ensure the security is configured correctly.

  11. #11

    Join Date
    May 2009
    Location
    Sheffield
    Posts
    247
    Thank Post
    23
    Thanked 37 Times in 28 Posts
    Rep Power
    20
    Sims has good granular control over access - for example, I'm data manager at our site but I can't view employees' personnel records, because I don't need to. It's quite a fine level of control.

    As others have said, things work better when you use sims's personnel features fully. Rolling your own system will probably be far less secure.

  12. #12
    User3204's Avatar
    Join Date
    Aug 2006
    Location
    Wirral
    Posts
    769
    Thank Post
    55
    Thanked 66 Times in 62 Posts
    Rep Power
    34
    Ah so I take it everyone uses SIMS for this stuff then.

    It's funny I bet no other industry stores its internal personnel data in the same software database as their sales/customer data... but anyway.


    The trouble is recently we've started putting these details into SIMS .net and it has become apparent that certain groups have more access to data than we expected them to, for example the "School Administrator" group can see all the staff details (which in hindsight makes sense), but we found that we have had to give out this level of access to enable certain support staff to do their job (the KS5 support assistant needs something in this group to enable them to do the EMA, but we can't see what it is).

    ...and before you ask the previous system was paper based... but with the workforce census, it means we have to computerise it all.


    Part of the issue is that there is no single person in charge of SIMS, for good reason, as we tried to spread the responsibility when the last SIMS Manager left, so we all knew what was going on. What we need to do is spend a week on working out what the SIMS permissions are, what the staff need access into, and then creating the requisite groups.... but I was hoping for an easier solution. We've looked at the permissions spreadsheet before and fact that it runs to 15 pages (a3) means yes it is really granular, but I have problems knowing what the things mean and it will take a while to go through stuff.

    The easiest, quickest and most secure solution is to pull it all out of SIMS put it into a new database, and only allow Personnel staff access to this new database. We use Sage for payroll for this exact reason and in this way, there are only 2 users able to use Sage, and I'm not one of them.

    Oh, and just because no one else has complained about something doesn't mean that no one else has noticed (or knowing most users, grumbled quietly in the corner).

    Thanks anyway, I think I'll keep looking around, possibly CMIS could help.

  13. #13

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,680
    Thank Post
    516
    Thanked 2,451 Times in 1,897 Posts
    Blog Entries
    24
    Rep Power
    832
    Sorry, but if you don't care to learn how to set up permissions, then any solution you implement will still be full of holes. Why not simply do as suggested, and learn how to use the software? Security by obscurity is not true security.

    The integration of the various parts of SIMS.net are there for a reason - to make running a school easier. Personnel is integrated into Nova-T, it is also able to keep track of all your different census requirements easily. Why make your life more difficult in the long run because you can't get your head around the permissions in the short-run?

    If you're unsure about it, why not contact Capita and have them set it up how you want? I'm sure that'd be cheaper and more effective than licensing an entirely different system.

    Our finance officer has no access to personnel. There is no reason you can't set this up correctly!

    And, comparisons between industry software and education MIS systems don't work - schools are not businesses, plain and simple. A SME doesn't normally have a piece of software tailored directly to their enterprise type. A large business would, but they'd have a lot more staff than a school has. So, MIS's are there to make the 'business functions' of a school simpler, by integrating them.

  14. #14


    Join Date
    Jul 2007
    Location
    Rural heck
    Posts
    2,662
    Thank Post
    120
    Thanked 434 Times in 353 Posts
    Rep Power
    126
    Quote Originally Posted by User3204 View Post
    It's funny I bet no other industry stores its internal personnel data in the same software database as their sales/customer data... but anyway.
    Apart from any accounts package that does both payroll and invoicing.

  15. #15
    Jamman960's Avatar
    Join Date
    Sep 2007
    Location
    London/Kent
    Posts
    988
    Thank Post
    186
    Thanked 194 Times in 156 Posts
    Rep Power
    46
    I really don't see the issue with having both employee and customer data in the same place - keeping students out of sims is just as important as ensuring staff members don't see each others details.

    One thing you could try is creating a cloned custom group with the same permissions as the school admin group. Then all you'd need to do is remove the excess permissions.(create a custom group then in the group permissions tab select add role then choose school admin). This should take all of 10 minutes and provide a quick fix
    Last edited by Jamman960; 26th October 2009 at 02:23 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Sims.Net Personnel Permissions
    By tech_guy in forum MIS Systems
    Replies: 1
    Last Post: 13th November 2008, 03:08 PM
  2. Old SIMS Launcher Personnel Exe
    By moggy in forum MIS Systems
    Replies: 6
    Last Post: 3rd October 2008, 12:43 PM
  3. Personnel info not being updated in FMS
    By Oops_my_bad in forum MIS Systems
    Replies: 5
    Last Post: 23rd November 2007, 12:34 PM
  4. Disaster recovery - loss of key personnel
    By Oops_my_bad in forum School ICT Policies
    Replies: 15
    Last Post: 26th September 2007, 08:09 AM
  5. Personnel 5.1 on Terminal Services
    By SteveMC in forum MIS Systems
    Replies: 2
    Last Post: 6th June 2007, 09:44 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •