Two particular pieces of legal guidance to be aware of
The Freedom of Information Act states that schools must respond to requests for information pertaining to individual pupils in a timely fashion. Failure to meet FoIA requests can and does lead to action by the Information Commissioner’s Office (ICO). Changes to Special Education Needs (SEN) legislation are expected to deliver increased numbers of requests.
Compliance with BS10008 enables you to destroy paper files, whilst ensuring that the electronic copies remain legally admissible. Schools are required to produce a full audit trail to prove the veracity of their documentation. They must also implement a mechanism to prove that documents have not been tampered with and employ a retention policy.
Practical steps towards compliance
Having developed a records management policy and conducted an information audit you are in a good position to decide how to implement access controls for your documents.
Compliance can be complex and problematic if you are working with scattered documents that are stored in several different ways. For example, you may have some paper child protection documents in a locked cabinet accessible only by your child protection officer. Other documents relating to the same pupil may be stored in your admin office or held in your SIMS database, computer files and applications (such as email inboxes) or digital storage devices. A sensible first step is to minimise variations in document formats and locations. A good electronic document management system (EDMS) can assist this by bringing documents and storage systems together for access via one reference point.
Whether you are working with paper or digital files, or a mix of both, there are some important legal compliance questions to address.
"Pupil records should be kept securely at all times. Paper records should be kept in lockable storage areas with restricted access, and the contents should be secure within the file. Equally, electronic records should have appropriate security" – IRMS Toolkit.
Question: How do you store your records? How do you guarantee that they are never left unattended and seen by unauthorised people?
Paper: The IRMS suggests a clear desk policy involving the removal of physical records to locked storage facilities whilst they are not in use, whilst restricting access to offices where confidential files are being stored or worked on. It is likely that you will need to split records in order to store sensitive documents separately, for access only by authorised people.
EDMS: Allocate login details and access rights to individual users so that they can only access file types that they are authorised to see. For example, your child protection officer will be able to see sensitive records that a secretary working in your admin office will not be able to see. You can prevent sensitive documents from being shared, printed, deleted and/or over-written. Computer monitors can be set to switch to stand-by after a set period of inactivity, requiring the user to enter a password to re-activate the screen. This means documents left on-screen at unattended desks will be protected.
"A pupil or their nominated representative have the legal right to see their file at any point during their education and even until the record is destroyed. This is their right of subject access under the Data Protection Act 1998" – IRMS Toolkit.
Question: ICO judgements against schools falling foul of the FoIA have, to date, been largely for failure to comply with requests in a timely or complete fashion. If you were asked to provide a copy of every document you have ever stored on an individual pupil, how easily could you respond and could you be absolutely certain that you had a complete file with not a single document missing?
Paper: With the ICO list in mind, the location of information is paramount. Physical filing can be a problem in that files can only be in the hands of one person at any one time, are often not replaced and are at risk of being lost. Your storage and archiving system is critical. The way you log where physical files are placed, and your strategies for avoiding filing errors, are fundamental to ensuring that you can rapidly bring together comprehensive information.
EDMS: Search facilities provide immediate and comprehensive access to documents that can be accessed via the system. This simplifies preparation for audits and FoIA requests whilst reducing the risk of missing information – providing the EDMS is a central document store.
"Staff should be encouraged not to take personal data on staff or students out of the school" – IRMS Toolkit.
Question: Does paperwork ever leave your premises? If so, how do you keep it secure?
Paper: The IRMS guidance here is to check paper files out from a central system and log details of the borrower to create an audit trail. This does require an element of trust as you cannot control what happens to documents once they leave your building. There is also a risk of human error when it comes to logging - and document theft or loss outside of school.
EDMS: Data that is held on your servers may be accessed remotely, negating any need to ever transfer data onto a portable device such as a laptop. This mitigates several risks that arise from allowing documents to leave your premises – including theft, damage and loss.
"Access arrangements for pupil records should ensure that confidentiality is maintained, whilst equally enabling information to be shared lawfully and appropriately, and to be accessible for those authorised to see it" – IRMS Toolkit.
Question: How do you ensure that only authorised personnel can access confidential information? How do you monitor and evidence this? How quick and easy is the process?
Paper: Documents can only be held in one location, so ensure that only authorised people can access them using lockable storage. In addition, consider placing record sheets into sensitive files to log access information.
EDMS: In addition to the security functionality detailed above (logins and permissions), an EDMS system has the benefits of an audit trail of user activity. This allows the adoption of much more of a ‘trusted’ approach to security, as well as being a key component of ensuring that your electronic records remain legally admissible. Unlike files saved on disks or similar media, an EDMS compliant with BS10008 allows you to use electronic documents as evidence. Clearly, you should only consider disposing of your paper records if your EDMS holds legally admissible information.
Approaching access and security with a view to making information available quickly to those who need it is a great aid to both implementing the policies developed from your information audit and ensuring that you are well placed to cope with the demands of prevailing legislation.