Poll: Has a government-related organisation requested pupil data sent in plain text?

+ Post New Thread
Results 1 to 5 of 5
School ICT Policies Thread, Student info requested by external (local gov) agencies in plain text. in School Administration; I (as you'd expect) said no and mentioned that we were willing to provide the data if it was sent ...
  1. #1


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,638
    Thank Post
    275
    Thanked 778 Times in 605 Posts
    Rep Power
    223

    Student info requested by external (local gov) agencies in plain text.

    I (as you'd expect) said no and mentioned that we were willing to provide the data if it was sent via secure means, encrypted and stored securely at the other end, but their current methods include printing and posting or via excel attached to an email.

    I expect some pushback from them and will work with them for an acceptable solution, but I'll be damned if we're going to be the school who's pupil details get into the public domain.

    How many of you are running into local government/local government-affiliated quangos/bodies that aren't fulfilling their data protection obligations and are making requests of schools (sending pupil data in the clear) that would get said school into trouble?

  2. #2

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,406
    Thank Post
    639
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    324
    Which government body/quango in question?

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,638
    Thank Post
    275
    Thanked 778 Times in 605 Posts
    Rep Power
    223
    Quote Originally Posted by webman View Post
    Which government body/quango in question?
    I'll decline to answer that for the moment, since I'm hoping we can settle this amicably and educate them along the way. It's a local gov-affiliated org, rather than a national one.

  4. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,935
    Thank Post
    1,341
    Thanked 1,783 Times in 1,106 Posts
    Blog Entries
    19
    Rep Power
    594
    No, No, No, No, No!!!!

    Schools can use S2S or other secure systems to transfer files to the LA or between LAs (or things like AVCO).

    The other problem I have seen (in fact just had an email asking me to investigate) is that some LA / RBC filters block password protected zip files and so you *cannot* email them across.

    An option I would suggest people look at is a password-protected area of their website, drop the password protected file into it, send the link or give a ring to the LA/third party, give them the URL and password, they download and then get the zip password, they unzip and you delete the file off your server. If possibly do it over https too ...

    3rd party companies should really have their own drop box for things like this anyway and I have to admit I have failed to renew products due to their position on security of data.

  5. #5


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,638
    Thank Post
    275
    Thanked 778 Times in 605 Posts
    Rep Power
    223
    Encrypted Office files do pass through our LEA email without issue. Office 2007 has 128-bit AES as an option, so we'll probably go down that route and then phone across with the password (which won't be the default, easily guessed one they wanted us to use).

    Of course, I bet they can't open Office 2007 documents.

    --

    Secondary question which may or may not apply in this case:

    If you know/strongly suspect that they won't be keeping the data securely after they've recieved it, is it reasonable to refuse?

SHARE:
+ Post New Thread

Similar Threads

  1. ICT Agencies
    By Hightower in forum Educational IT Jobs
    Replies: 7
    Last Post: 13th January 2009, 11:05 AM
  2. IT Headhunters \ Recruitment Agencies
    By somabc in forum General Chat
    Replies: 20
    Last Post: 11th December 2008, 09:05 AM
  3. Wikis in Plain English
    By FN-GM in forum General Chat
    Replies: 0
    Last Post: 19th September 2007, 04:31 PM
  4. External student email access
    By Norphy in forum How do you do....it?
    Replies: 30
    Last Post: 10th November 2006, 12:24 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •