Printable View
Thanks Nath. Good job.
Sanity has been restored and now we are back to me being the only one authorised to actually use the password.
Two other teachers are to have knowledge of it to use in my absence, and technical alterations to be carried out by a third party support company or authorised beforehand by the Head and documented. This will be reviewed come December 31st when the teachers won't be allowed to touch it.
Comments?
Thanks again Geoff - I intend to pass that on to the Head.
Is that correct Geoff - is it against the DPA for a teaching staff to have access to pupil files that they do not teach?Quote:
One of the provisions in the DPA basically says 'Data must be securely kept'. Clearly because your teacher friend has access to data he doesn't need to have access too. i.e. other staffs files and pupils files he does not teach. One cannot consider that data secure. Especially as he isn't someone under you direct control.
Under the provisions of the DPA you are not permitted to access personal information stored on computer systems at your workplace that is not relevant to doing your job.
Its basically covered in Schedule 2 of the Act if you wish to get tangled up in legalese.
If he's not teaching all pupils he certainly doesn't need to access their data.
Even leaving the issue of pupils data aside, he shouldn't need to access other members of staff data ever. That in itself is reason enough to take domain admin access from him in my book.
Congrats mark :) I get the final say in who gets the password, or admin level access. Seems I'm lucky, and I thought I had things bad.
Well, I'd certainly think the DP Registrar might have a thing or two to say about it, if they were that students tutor or HoY maybe... but not just random teachers. Only our IT Teachers have access to kids work, and I gave that grudingly.
The way to get around careless bus drivers is to create a copy of the domain admin user and give it a ridiculous username/password. You then seal this in an envelope and lock it away in the safe for use in emergencies.
The Lancs auditors like this method too - much praise when I told them about it ;)
You are so devious Ric_ ! Must admit the thought has crossed my mind ;).
But someone else does know the password I hope... :)
this is what i have done also.Quote:
Originally Posted by Ric_
Just a small thought here but will Job Eval help here?
i.e. for those of us that are unclear on our "roles" (especially what the SMT's decide regarding our roles) or other members of staff not realising that they shouldn't be doing something or performing something, etc. (like with mark's case) - Would job eval help clear up what should and shouldn't be happening when it comes in?
In my case, I clearly dont know where i stand, and being of the 'gutless' sort, I find it hard to ask those sort of questions like the other day he went a bit defensive when I asked him about the student AUP lol - all I wanted to do was see it lol.
Its funny how they dont want you to have the money/status of network admin, etc., but then everything is your responsibility when things happen - like bromcom. I didnt get asked on it, or get involved at all, then when it buggered up the other month, apparently "I" was responsible for managing it lol - I think I made a good point back at him tho, and finally got the admin staff to "ring the damn helpdesk themselves" (after all, thats what its for lol)
*ahem*....'scuse my rantin yet again lol...but I hope you see my point in posting this... :S !?
Regards,
Nath