Educational establishments hold sensitive information, including student/staff details, qualifications/grades, payment details, etc. The Data Protection Act ensures this confidential information is only accessible by authorised personnel and is not left unattended. It is an essential requirement that all teaching establishments have policies (Data Protection Policy) and procedures in place to ensure data protection is not breached. This will be implemented using two primary methods, the first is educating staff to ensure they understand the data protection policy and how it relates to them, the second method is to implement security systems to prevent unauthorised data breaches, such as all users have password protected accounts. It is essential that copyright rules are enforced within all teaching establishments, as they would be liable to legal action if it was discovered that members of staff were breaching copyright. This is handled within the teaching organisation using two methods; the first is to educate staff in what is acceptable, such as the guides to follow when photocopying and scanning from printed material and the second method is further security systems preventing staff and students from installing software, thus removing the opportunity to install pirated software.
Students provide the teaching establishment with a large amount of information that must remain private under the General Data Protection Regulation (GDPR). This information relates to personal information about the student, it is not confidential as a large number of people will know this information, such as their address, however, students are unlikely to want their address broadcast to all their class mates. It is essential that privacy notices when students originally enrol are clear regarding how their information will be used and stored. “Confidential information is any information to which the common law ‘duty of confidence’ applies” (UCL, 2019), confidential information is information that only a limited number of people know, this is information that you may share with your doctor and that you wouldn’t want anyone else knowing. It is possible this information would have an impact on a student’s studies and as a result may need sharing with their tutor; this information doesn’t need reporting or referring and so should remain confidential. The vast majority of confidential information that is provided to staff will remain confidential and if sharing that information would benefit the student, permission will be obtained before the information is shared, however, there are some exceptions. These exceptions relate to the health and wellbeing of students, including the student sharing the information. This could include a student disclosing they are being abused, in this situation the lecturer must make it clear, ideally before the disclosure, that the information must be shared with the safeguarding team so that it can be referred to the correct authority. Another reason that confidentiality will be broken is if a student discloses that they plan to harm another student or member of staff. Staff must be educated on the procedure that must be followed and that it is clearly documented in the safeguarding policy.
UCL. (2019). Handling confidential information from students. Retrieved from University College London: https://www.ucl.ac.uk/students/support-and-wellbeing/wellbeing-and-mental-health/handling-confidential-information-students