+ Post New Thread
Results 1 to 4 of 4
School ICT Policies Thread, Data Protection - Transfer data to others in School Administration; We transfer lots of data with lots of other companies/organistions. I've yet to find a company that dosen't tell you ...
  1. #1
    Dancer's Avatar
    Join Date
    Mar 2009
    Location
    Norfolk
    Posts
    26
    Thank Post
    2
    Thanked 6 Times in 5 Posts
    Rep Power
    13

    Data Protection - Transfer data to others

    We transfer lots of data with lots of other companies/organistions.
    I've yet to find a company that dosen't tell you that they fully comply with the data protection act and your data will be completely secure.
    but what checks (due diligence) do you carry out prior to transfering data that all is secure and above board?

    Often decisions have been made to transfer the data before it gets to me to do and when I ask questions about the organistations and their security I get vague answers and told to get on with it.
    Does anyone have a "checklist" I could issue to senior/middle management to use when signing up to transfer data?

  2. #2

    Dos_Box's Avatar
    Join Date
    Jun 2005
    Location
    Preston, Lancashire
    Posts
    9,441
    Thank Post
    701
    Thanked 2,302 Times in 1,063 Posts
    Blog Entries
    23
    Rep Power
    678
    You should have written and signed agreements from the receiving company about the steps they take to keep the data protected with if it is an outside organisation. For schools this would be, for example, to another LEA outside of your own, as you would fall under the umbrella of your LEAs data protection policy.

  3. #3
    Dancer's Avatar
    Join Date
    Mar 2009
    Location
    Norfolk
    Posts
    26
    Thank Post
    2
    Thanked 6 Times in 5 Posts
    Rep Power
    13
    Quote Originally Posted by Dos_Box View Post
    You should have written and signed agreements from the receiving company about the steps they take to keep the data protected
    Thanks Dos_Box
    Will add a requirement to have written agreement on how the data will protected and used to the schools data protection policy.

    Is it enough to just to accept these assurances?

  4. #4

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    2 key things ... the written statement (or in the contract) should state that they will comply with all data protection laws and follow *your* data compliance (ie only make use of the data for the things that *you* state the data should be used for).

    You may need to inform the data owners (ie tell parents and students) who will have access to the data outside of the schools (from the LA point of view, usually communicated via the Fair Processing notice) but you might have to just add it in an appendix to your published data protection policy.



SHARE:
+ Post New Thread

Similar Threads

  1. USB on the go - data transfer with no PC
    By Ben_Stanton in forum How do you do....it?
    Replies: 3
    Last Post: 4th September 2009, 03:10 PM
  2. Transfer Nova T4 data?
    By 7andY in forum MIS Systems
    Replies: 2
    Last Post: 24th April 2009, 03:02 PM
  3. Secure Data Transfer System
    By Jobos in forum Windows
    Replies: 4
    Last Post: 4th November 2008, 01:12 PM
  4. Testing data transfer
    By plexer in forum How do you do....it?
    Replies: 6
    Last Post: 21st August 2008, 08:56 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •