Data Privacy Summary
The purpose of this document is to explain data privacy terms and considerations in the context of the Groupcall Data Sharing Agreement (DSA) and Security documents. This document is for guidance only. Any member of staff with a responsibility for data in your school should familiarise themselves with the latest information on the Information Commissioner’s Office website at http://www.ico.gov.uk and participate in relevant courses, such as those covering the Data Protection Act (DPA).
The 8 core Data Protection Act principles are:
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless –
  - at least one of the conditions in Schedule 2 is met, and
  - in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Data means information which –
- (A) is being processed by means of equipment operating automatically in response to instructions given for that purpose,
- (B) is recorded with the intention that it should be processed by means of such equipment,
- (C) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,
- (D) does not fall within paragraph A, B or C but forms part of an accessible record as defined by section 68 of the Data Protection Act, or
- (E) is recorded information held by a public authority and does not fall within any of paragraphs A to D.
Paragraphs A and B make it clear that information that is held on computer, or is intended to be held on computer, is data. So data is also information recorded on paper if you intend to put it on computer.
Personal data means data which relates to a living individual who can be identified –
- from those data, or
- from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller,
and includes any expression of opinion about the individual and any indication of the intentions of the Data Controller or any other person in respect of the individual.
The Data Controller is a person who (either alone, or jointly, or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
The Data Processor is any person (other than an employee of the Data Controller) who processes data on behalf of the Data Controller.
The Data Processor and the Data Controller must agree on –
- what data is extracted;
- the frequency and schedule of data extraction;
- where the data is extracted to;
- and what the data will be used for.
This forms part of the application process to use relevant Groupcall Products. The Head Teacher or an authorised member of staff will agree to have read and understood the terms and conditions outlined below:
The Groupcall Product in question is provided by Groupcall Limited (“Groupcall”) and its suppliers. We are responsible for ensuring that your data is adequately protected in relation to the operation of the Groupcall Product platform in question.
If you are already a Groupcall customer then please contact Groupcall Support. If you are a prospective customer then please contact our sales team by emailing firstname.lastname@example.org or calling 020 8502 7344.
The data in the Groupcall Product reflects the data in your school MIS system. To correct any inaccuracies in the Groupcall Product, you should therefore correct the data in your MIS and allow an overnight update to occur.
If it is important that data changes are shown in the Groupcall Product more urgently, for example if a parent has been restricted from contact with their child by court order, then you can contact Groupcall Support for assistance by emailing email@example.com or calling 020 8502 7344.
We collect student, staff and parental contact and grouping information such as school record identifiers, names, gender, date of birth, electronic contact details, language preference and recent attendance marks. The full information we collect is detailed under the "Transfer and Use of Personal Information" section. For each specific product, see the Data Sharing Agreements.
There are additional product specific terms and conditions detailed in each product's Data Sharing Agreement.
With all Government and public sector systems there is a need to make sure that information stored in them is appropriately protected. ‘Appropriate’ could range from:
- open to the public;
- to patient records;
- right through to highly secret national security information.
So there needs to be a process to assess what is required in each case. When you think about risks to a system, it makes sense to think about the “What if” should the system be compromised. The impact that it would have on the school is a logical place to start. If you group that into levels, you get Business Impact Levels. They are currently defined from 0 (no impact) to 6 (severe impact).
An Impact Level (IL) comes from consideration of 3 potential compromise areas:
- Confidentiality – the potential impact if the information is seen by those who should not see it;
- Integrity – the potential impact if the accuracy or completeness of the information is compromised;
- Availability – the potential impact if the information becomes inaccessible.
It is very unlikely that a school will be responsible for datasets with a BIL (or IL) value of greater than 4.
The following table defines the Impact Levels most likely to require managing by schools and includes some examples:
|Personally identifiable, or aggregated beyond 1,000 records
||Limited impact but caution must be taken at all times.|
||The vast majority of data should be classified at IL2-Protect, or lower. Likely to cause embarrassment to an individual, or organisation.|
||Most of the information in a school’s MIS is likely to fall into this category. Likely to cause loss of reputation to an individual, or organisation.|
|IL4||Additional detail to Special Needs, or Child in Care||Likely to cause loss of reputation to an individual, or organisation.|