- Management Standards
- Certified Companies
Schools and colleges now conduct a vast amount of business electronically. Much data is held on emails, word-processing files, spread-sheets and databases. Storing this data and ensuring its security and confidentiality is a major challenge.
The attendant risks and penalties facing many schools crystallised in April 2010 when the Information Commissioner’s Office (ICO), which oversees and enforces the Data Protection Act 1998 (DPA), introduced fines of up to £500,000 for serious data breaches.
It was not long before the ICO began doling out fines. A recent case in Leeds saw sensitive personal details about a child in care sent to the wrong person, revealing details of a criminal offence, school attendance and information about the child’s relationship with their mother. When sending internal mail, the council re-use envelopes that have been used for external mail. But in this case the external address wasn’t crossed out, and so the sensitive file was posted to someone who had nothing to do with this case. Leeds City Council were served with a monetary penalty of £95.000.
In a bid to strengthen their security processes, schools are moving towards Information Security Systems. QG Business Solutions has now developed an ISM Standard for Schools, following the principles of ISO 27000 the QG-ISMS assists Schools in protecting their confidential information.