Xporter-Mock-up.png

Data Broker Services Data Sharing Agreement

The Groupcall Data Broker Service (DBS) is a secure and self-configuring platform allowing ad-hoc movement of data between over 800 schools and other organisations such as Groupcall partners, Academy Groups, or Local Authorities.

Groupcall DBS is typically used where a school either has a centrally or cloud-hosted MIS product and/or where the destination system has Groupcall’s XVault data aggregation product.

Groupcall DBS operates in two modes, depending on your scenario you may be using one or both of those modes. Read on, as this document will explain in more detail.

Table of Contents

On-demand DBS  Cached DBS

On-demand DBS allows systems that you authorise for access to make ad-hoc requests for your school data, and an installation of Groupcall Xporter in your school services those requests on demand.  You authorise and revoke access to specific destination systems within your Groupcall Xporter installation.

Cached DBS creates a cache of some of your school data in the DBS platform, for access by partners you authorise to make ad-hoc requests for your school data.  You authorise specific destination systems by giving them a credential to access it via DBS, and must contact Groupcall to revoke access.

Document Aims

This document explains the safeguarding and security of this data and forms our Data Sharing Agreement with you when you use this service and it also forms our advice and information to you to aid you in fulfilling your statutory responsibility in safeguarding your school data. In order to use the DBS your organisation must understand and accept this agreement - use of the service implies your acceptance.

As numerous destination systems can be connected to Groupcall DBS you should sign a separate data sharing agreement for each destination system separately.  Groupcall DBS implements the transportation of data to those systems but does not control how the delivered data is safeguarded.

Special notes

RM Integris G2 / S2
This document makes specific mention of data extraction via Cached DBS for RM Integris G2 / S2.  Please note that this is in reference only to the Integris “CMTF feed” which due to its nature requires that Cached DBS is used. This is different to data access via the separate Integris Web Service which does not pass through Groupcall systems unless you are using it to populate your school data into a Groupcall product, such as Groupcall Messenger v5.
Pembrokeshire
Pembrokeshire Local Authority operates a locally hosted version of the Cached DBS platform for purposes of moving data between their locally hosted Integris G2 schools and their locally hosted XVault.  Hence this data sharing agreement applies to the operation of Groupcall Data Broker Services (Cached) in their environment but the information regarding hosting of data in Microsoft Azure does not; instead the data is hosted within Pembrokeshire Local Authority and subjected to their security and safety considerations.

Which mode of DBS am I running?

Your Groupcall Partner (i.e. destination system vendor) will be able to tell you categorically which mode of DBS you are using.  If they are uncertain or if you are using DBS as part of a direct school relationship with Groupcall then please contact Groupcall Support (support@groupcall.com) for further assistance.

Overview of DBS Data Movement

This diagram explains the movement of data within DBS for both cached and on-demand mode.  Depending on your configuration you may be using one or both of these modes – this document will explain more as you read it.

DBSFlows.jpg

Click image to expand

Availability of Groupcall DBS modes

Source System To Groupcall XVault To Groupcall Xporter
Xporter on Local MIS On-Demand n/a
Xporter on LA-hosted MIS [1] On-Demand Cached
Integris G2 / S2 [2] Cached Cached

[1] This requires your local authority to be a Groupcall Xporter or Groupcall DBS customer.
[2] This will be the case if you are applying for a 'two-part' RM CMTF Feed activation, which requires use of Cached DBS to present your school data to Groupcall Partners.

DBS Fair Use Policy

It is for schools to ensure that as data controllers they have the ability to share data in this way and that they consider there to be appropriate measures in place to ensure that the data is held securely and confidentially. This document sets out how Groupcall supports these objectives.

Groupcall and its suppliers will be acting as ‘data processors’ as defined by applicable data protection legislation such as the GDPR, DPA 2018 and any successors to these. Groupcall has taken all reasonable measures to ensure the safety and security of the personal information, and continues to review these measures on an on-going basis.

DBS Transfer and Use of Personal Information

Groupcall DBS securely transports information as requested by destination systems; Cached DBS will also requires specific personal information be cached within the DBS platform for purposes of serving to one or more destination systems.  See Data Security for more information about messages queued within DBS.

The data being requested and transmitted is governed by the Data Sharing Agreement you have with each destination system that you have authorised.   You should refer to this document to determine the data that is transported through and/or cached in the DBS platform.

If you are using ON-Demand DBS:
Data messages containing personal information will be queued temporarily within DBS, particularly if the requesting destination system is under high workload or becomes offline.  No caches of data are maintained in DBS for On-Demand customers unless they are also a Cached DBS customer.
If you are using Cached DBS:

Cached DBS will receive daily uploads of changed records from your MIS, and provide that data to one or more destination systems that you have authorised.  In order to operate Cached DBS, Groupcall must securely cache a subset of your school data within the DBS platform.  The data cached is generic and governed by the system providing data into the DBS Cache.1. Personal information about pupils who are currently on roll:

  • Name and preferred name
  • UPN
  • Gender
  • Date of birth
  • Address
  • Contact email and phones
  • Free school meals entitlement
  • Special educational needs and reviews
  • Medical alert summary
  • Doctors surgery
  • Mode of travel
  • Academic year, registration group and house
  • Attendance marks
  • Assessment (only when fed via Integris G2 / S2)
  • Behaviour (only when fed via Integris G2 / S2)

2. Personal information about adults currently in the employ of the school:

  • Name and preferred name
  • Date of birth
  • Address
  • Email address
  • Job role

3. Personal information about pupil contacts with parental responsibility:

  • Name and preferred name
  • Gender
  • Date of birth
  • Contact phones, email and fax
  • Address

4. Information about your school:

  • School name and establishment number
  • Class, registration and house groups
  • Timetable, subjects and

Notes:

  1. This list of fields represents the maximum possible transfer; business requirements and MIS data availability dictate that in some cases a lesser level of data than listed is actually transferred.

DBS Data Security

This information gives details of the management of data security in relation to the use of Groupcall Data Broker Services, which schools may wish to use with their fair use policy.

Groupcall DBS encrypts all data during transit using SSL encryption, and stores queued or cached data within the Groupcall DBS platform.   The Groupcall DBS platform is hosted in Microsoft Azure in the Europe North territory and you can find out more about this platform at the Windows Azure Trust Centre; however in summary the data in Azure is protected from exposure by multiple layers of firewalling, authentication and physical access control.

Revocation of access for On-Demand DBS destinations does not revoke access of Cached DBS destinations, and vice-versa; if you need to revoke for both types of DBS destination then contact Groupcall Support.

Access of data by On-Demand DBS clients

An On-Demand DBS client, such as Groupcall XVault installed within a Groupcall Partner’s platform is subjected to both authentication and authorisation to request data from a school.  This is achieved by firstly verifying the authenticity of the Groupcall XVault client, by means of a 256-bit security key, and then by confirming that the school requested has permitted that specific Groupcall Partner to request their data.

Revocation of On-Demand DBS access by a destination system can be applied within a school at any time; contact Groupcall Support for further information.  Please note that revoking a destination system does not remove data already received by that destination, you should refer to your data sharing agreement for that specific destination system to understand that process.

Access of data by Cached DBS clients

A Cached DBS client, such as Groupcall XVault installed within a Groupcall Partner’s platform or Groupcall Xporter installed within a school for a school-based Groupcall Partner product, is subjected to both authentication and authorisation by means of a 256-bit security key which must differ for each specific school Cached in DBS.  Hence a Cached DBS client must have multiple school security keys to access multiple schools.

The same security key is used by all clients you allow to access your Cached DBS data, and so to revoke access for a destination system you must contact Groupcall Support and have your Cached DBS Key (a.k.a. ‘G2X Secret’) reset.  This will revoke all destination systems, and you can then provide your new secret to those partners you with to continue allowing access to.  Please note that revoking a destination system does not remove data already received by that destination, you should refer to your data sharing agreement for that specific destination system to understand that process.

Upload of Cached DBS data into Groupcall DBS

Groupcall DBS requires that you request your MIS provider (either RM or your centrally hosted MIS operator) to enable their Cached DBS feed.  To accept data into Groupcall DBS you must also notify Groupcall of your intentions as per our activations process.  After the initial full upload, only additions, changes, and deletions to data are transmitted and those changes are effected shortly after receipt.  The uploaded data is protected by SSL which serves not only to encrypt the data in transit but also to verify that data is being uploaded to Groupcall DBS and not another location.

Groupcall Support Personnel & Data Security

The Support team at Groupcall are able to resolve or advise you on any technical issues that you encounter while using Groupcall products, however they are unable to advise on any other issues affecting Groupcall Partner products and in such instances you should refer to the support arrangements for that specific Groupcall Partner.

Often it is necessary for a Groupcall support technicians to view the issue with you, in order to diagnose it fully and offer a solution. In circumstances where support technicians need to view the issue with, you they may use remote access tools to view your  computer with you, in which case you should remain at your computer and supervise the entire session.  All of our remote sessions allow you to retain control and allow you to terminate the session at any time.  If your issue escalates and an additional support technician is required, then additional Groupcall staff may join the remote session.

If your issue is a platform issue or requires changes to your account configuration, then Groupcall staff may perform such configuration on your behalf from our secure management platform without requirement for remote access.

You are reminded that you should avoid sending personal information, such as student/contact records, to Groupcall directly.  You certainly should only send such information when supported by strong encryption, if there is an explicit requirement to do so.  Groupcall staff will advise the most secure method for transfer if there is such an explicit requirement.