At SixIntoSeven we believe that you should take the same care when uploading your data onto the web as you do when you take your pupils out through the school gate. We have therefore carefully constructed a four-way process to maximise data security.
All access to SixIntoSeven is through the school’s Google or Microsoft accounts. This means that who can log onto SixIntoSeven is controlled by the head or principal of the school and the complexity of the password, and the frequency at which is changed, is determined by the institution’s own policy.
Accessing different modules
SixIntoSeven is all about sharing information to describe the whole child. However, we recognise that some of the sensitive information should only be seen by the appropriate professional. The standard template is therefore divided up into different modules with access granted to specific groups, just like a Management Information System such as SIMS. Only the head, or someone to whom they have granted full access, can download all the information. This applies to both primary and secondary schools.
Sharing data between schools
Sharing personal data with a third party is not something which any professional should undertake lightly. This includes information going by email, by spreadsheet as well as through internet-based apps. Appropriate agreements must be signed which show the rights and responsibilities of the sender and the receiver.
This is a complex legal process which is time-consuming and expensive to complete. We have included within SixIntoSeven data sharing and participation which have been audited and agreed by Derbyshire County Council’s well regarded Data Protection for Schools organisation, which is part of their Education Data Hub. These must be signed whenever a link is established between two schools.
Find out more about Derbyshire’s Data Protection For Schools
SixIntoSeven – Cyber Essentials
As well as helping ensure that your school meets GDPR standards, we have also obtained validation that ours does too. We have been awarded the Cyber Essentials certificate. This is awarded by the UK government’s National Cyber Security Centre and, to quote the NCSC, Cyber Essentials gives you protection against a wide variety of the most common cyber-attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.
Certification gives you peace of mind that your defences will protect against the vast majority of common cyber-attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.
Master Policy Number CY0472259
Certificate No. 40922
Find out more about Cyber Essentials.