Poll: Has a government-related organisation requested pupil data sent in plain text?

+ Post New Thread
Results 1 to 5 of 5
School ICT Policies Thread, Student info requested by external (local gov) agencies in plain text. in School Administration; I (as you'd expect) said no and mentioned that we were willing to provide the data if it was sent ...
  1. #1


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,715
    Thank Post
    288
    Thanked 789 Times in 616 Posts
    Rep Power
    226

    Student info requested by external (local gov) agencies in plain text.

    I (as you'd expect) said no and mentioned that we were willing to provide the data if it was sent via secure means, encrypted and stored securely at the other end, but their current methods include printing and posting or via excel attached to an email.

    I expect some pushback from them and will work with them for an acceptable solution, but I'll be damned if we're going to be the school who's pupil details get into the public domain.

    How many of you are running into local government/local government-affiliated quangos/bodies that aren't fulfilling their data protection obligations and are making requests of schools (sending pupil data in the clear) that would get said school into trouble?

  2. #2

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,422
    Thank Post
    645
    Thanked 967 Times in 667 Posts
    Blog Entries
    2
    Rep Power
    328
    Which government body/quango in question?

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,715
    Thank Post
    288
    Thanked 789 Times in 616 Posts
    Rep Power
    226
    Quote Originally Posted by webman View Post
    Which government body/quango in question?
    I'll decline to answer that for the moment, since I'm hoping we can settle this amicably and educate them along the way. It's a local gov-affiliated org, rather than a national one.

  4. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,890 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    No, No, No, No, No!!!!

    Schools can use S2S or other secure systems to transfer files to the LA or between LAs (or things like AVCO).

    The other problem I have seen (in fact just had an email asking me to investigate) is that some LA / RBC filters block password protected zip files and so you *cannot* email them across.

    An option I would suggest people look at is a password-protected area of their website, drop the password protected file into it, send the link or give a ring to the LA/third party, give them the URL and password, they download and then get the zip password, they unzip and you delete the file off your server. If possibly do it over https too ...

    3rd party companies should really have their own drop box for things like this anyway and I have to admit I have failed to renew products due to their position on security of data.

  5. #5


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,715
    Thank Post
    288
    Thanked 789 Times in 616 Posts
    Rep Power
    226
    Encrypted Office files do pass through our LEA email without issue. Office 2007 has 128-bit AES as an option, so we'll probably go down that route and then phone across with the password (which won't be the default, easily guessed one they wanted us to use).

    Of course, I bet they can't open Office 2007 documents.

    --

    Secondary question which may or may not apply in this case:

    If you know/strongly suspect that they won't be keeping the data securely after they've recieved it, is it reasonable to refuse?



SHARE:
+ Post New Thread

Similar Threads

  1. ICT Agencies
    By Hightower in forum Educational IT Jobs
    Replies: 7
    Last Post: 13th January 2009, 12:05 PM
  2. IT Headhunters \ Recruitment Agencies
    By somabc in forum General Chat
    Replies: 20
    Last Post: 11th December 2008, 10:05 AM
  3. Wikis in Plain English
    By FN-GM in forum General Chat
    Replies: 0
    Last Post: 19th September 2007, 05:31 PM
  4. External student email access
    By Norphy in forum How do you do....it?
    Replies: 30
    Last Post: 10th November 2006, 01:24 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •