In a previous job we used to have a access to data form which was part of our AUP. If someone wants access to another persons data, be it because they are off sick or an investigation. They will fill out a form stating the nature of the request, this has to be signed by a member of Senior management (who then takes responsibility not you) for this and then you sign as the facilitator. This is a point I have made to my school, the head is ultimatley responsible for data security, they delegate that to IT Administrators, but the administrator is only there to act for them and they take responsibility as they have asked for it to be done and a log is kept. Its the same for unblocking websites, SLT are there to lead, let them do just that.
No they can't. They can put as many clauses in as they want, but they are not legally enforceable.
Originally Posted by dwhyte85
(They do though, the sneaky *****!)