I'm being asked by schools what they should do to prepare their staff for working at home. Below I have given a few pointers on what to think about in order to minimise the risks. Don't forget these are exceptional circumstances and it will be recognised by the ICO that personal data will need to be processed even though schools may be closed!
These are some of the risks you must consider when your staff are working at home:
Unencrypted devices
Others having access to the device/sharing the device
Loss of device
Divulging personal data, accidentally or unknowingly
Paper copies being lost/printed
Any paper copies need to be locked away and not left out on the table when not in use
Locking devices when walking away from it, in even in your own home
Teachers’ mark sheets and records to be kept safe
SEN & FSM data
Staffing records
Parents' and governors' information
Only process minimum personal data - the name and class will often be sufficient
Safeguarding information – there is a risk if this data needs to be transmitted, therefore staff must take extra care and think twice before transferring any such data
Staff will be instructed remotely how to check that their devices are safely encrypted
Staff MUST continue to report ALL data breaches and the school's DPO/DP Lead Officer's details must be given to all staff to enable reporting to take place promptly
Comments