Data Transfer Method. All parties to this agreement are responsible for ensuring that appropriate security and confidentiality procedures are in place to protect the transfer, storage and use of the shared, person identifiable data.
Data Transfer Method. The parties to this Agreement are responsible for ensuring that appropriate security and confidentiality procedures are in place to protect the transfer, storage and use of the shared, person identifiable data. Each party will make sure that personal data shall be processed in a manner that ensures appropriate security of the personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage using appropriate technical solutions or organisational measures in accordance with principle 7 of the DPA/Article 5(1)(f) of the GDPR. BMBC and schools must make sure they have procedures in place to prevent: Accidental compromise or damage during storage, handling, use, processing, transmission or transport; Deliberate compromise or opportunist attack; Unauthorised disposal or destruction of the data; Unauthorised access; Accidental loss of personal data should be avoided through the implementation of appropriate security procedures. Regular flow (specify frequency) See Appendix A Ad hoc More than 21 items per flow Yes Less than 21 items per flow Give full details of how the transfer will be made and what security measures will be in place e.g. encryption, business secure mail or recorded signed for etc. Face to face Named point of contact at BMBC and school Telephone Electronically (state method) Perspective Lite Secure File Transfer (Angel Solutions) Secure E Mail Yes – Egress, 7zip, password protected Secure Mail Secure Courier Encrypted Removable Media Other Synergy – Servelec (Orchestra) Has a risk assessment been carried out on the chosen methods of transfer? Yes – BMBC Information Security Team What are the identified risks? Email is sent to the wrong email address – training provided to all staff – access to email can be revoked.
Data Transfer Method. All parties to this agreement are responsible for ensuring that appropriate security and confidentiality procedures are in place to protect the transfer, storage and use of the shared, person identifiable data. Regular flow (specify frequency) Daily Ad hoc N/A Give full details of how the transfer will be made and what security measures will be in place e.g. encryption, business secure mail or recorded signed for etc. Face to face N/A Telephone Contact schools to resolve pupil levels data conflicts. AnyComms N/A Secure E Mail To facilitate additional data validation from the DfE. Secure Mail N/A Secure Courier N/A Encrypted Removable Media N/A Other (please state method) Pupil level data is transferred from the schools Management Information System using encrypted third party file transfer. The transfer of this data is automatic and secure. Has a risk assessment been carried out on the chosen methods of transfer? Risk Factors have been assessed in DPIA number DPO21-47. What are the identified risks? Risks identified in DPIA number DPO21-47. An employee may gain unauthorised access to the system, accessing personal data inappropriately. Either via password sharing or IT system error. A user may download the data and use it for an unauthorised purpose. An outside agency tries to access the data (hacking) Data not being backed up, data which is lost is not capable of being retrieved An employee changes sensitive data for their own purposes Personal Sensitive Data is being shared with multiple parties in a joint project and there is the possibility of it going to the wrong place or ensuring the compliance of data protection of the other parties Inadequate functionality (risks: not able to locate/delete records)
Data Transfer Method. All parties to this agreement are responsible for ensuring that appropriate security and confidentiality procedures are in place to protect the transfer, storage and use of the shared, person identifiable data. Regular flow (specify frequency) The Provider submits details of the children eligible to free early education and care on a termly basis i.e. school term. The Provider also submits their data for the Annual Early Years Census return by the deadline set in January. Providers must submit their data in accordance with the deadlines set out in the claim deadlines and payment schedule, the schedule for the financial year 2020/21 can be downloaded here: xxxxx://xxx.xxxxxxxx.xxx.xx/beta/working-with- children/pdf/childcare-providers/free-early-education-care-funding-calendar- 20.pdf Academies must continue to provide daily/weekly pupil data transfers to the School Data Quality Team via the automated transfer system as per the Data Sharing Agreement with the School Data Quality Team. Give full details of how the transfer will be made and what security measures will be in place. Other (please state method) Transfer of child data from the Provider to Kirklees Council is via a secure online portal provided by Servelec. Each Provider has a secure login xxxxx://xxxxxxxxxxxxxxxxxxxxx.xxxxxxxx.xxx.xx/SynergyWebsite_Live/ Transfer of child data from Academies to Kirklees Council is also via Groupcall Xporter and Anycomms+, authorised officers/staff have a secure login xxxxx://xxx.xxxxxxxx.xxx.xx/Login.aspx Transfer of Early Years Pupil Premium eligibility confirmation from Kirklees Council to Academies is via AnyComms+, authorised officers/staff have a secure login xxxxx://xxx.xxxxxxxx.xxx.xx/Login.aspx Transfer of eligibility evidence from the Provider to Kirklees Council is via a secure document upload xxx.xxxxxxxx.xxx.xx/xxxxxxxxxx Transfer from Kirklees Council to the Department for Education is via a secure online portal, authorised officers have a secure login xxxxx://xxxxxxxx.xxxxxx.xxxxxxxxx.xxx.xx Has a risk assessment been carried out on the chosen methods of transfer? Yes What are the identified risks? Council network violation Department for Education network violation Login details accessed by unauthorised officers/staff Data sent to incorrect recipient 8. Audit and Review Organisation’s Name Kirklees Council – Learning and Early Support Service – Childcare Sufficiency Team Address Kirkgate Buildings, Xxxxx Street, Huddersfie...
Data Transfer Method. All parties to this agreement are responsible for ensuring that appropriate security and confidentiality procedures are in place to protect the transfer, storage and use of the shared, person identifiable data. Regular flow (specify frequency) Ad hoc More than 21 items per flow Less than 21 items per flow For Police Data: It is expected that parties of this agreement will have in place baseline security measures compliant with or be equivalent to BS17799: 2005 and ISO/IEC 27001:2013 and HMG standards in relation to information security.
Data Transfer Method. The Parties agree to use secure file transfer protocol as the secure data transfer system to protect the privacy of the Data Exchange.
Data Transfer Method. Data is transferred via an automated electronic data interchange (data feed). An automated process has been created to collect and transfer the data securely. When the agreement is signed, each school will approve the set up of the data feed which may involve some installation of software. Once the data feed is approved there is no manual input. Stability of the data feed is monitored by Wakefield Council to ensure data is transmitted daily. Regular flow (specify frequency) Data flow is entirely automated and data will be extracted from connected schools on a daily basis for transfer to the EYES system Ad hoc N/A More than 21 items per flow Yes Fewer than 21 items per flow No Face to face N/A Telephone N/A Safe haven fax (or faxed following procedure) N/A Electronically (state method) Using an electronic data interchange methodology data is extracted from the school’s management information system using the functionality of the Groupcall Xporter module on a daily basis. This will then be stored in the XVault database which is hosted by Liquidlogic on a secure network on behalf of Wakefield Council. The XVault database stores the latest set of data collected from each connected school. The EYES systems has a connection enabling the system to query the XVault to collect data to import into EYES. The imported data is held securely in a set of staging tables for processing where pupil records are matched to existing records in the EYES system and data differences are highlighted for resolution. Secure Mail N/A Secure Courier N/A Encrypted Removable Media N/A Other N/A The methods used will vary dependent on individual circumstances and organisational policies and procedures. Has a risk assessment been carried out on the chosen methods of transfer? The transfer of data is through an automated process using accredited and trusted software. The software also enables the data to be held in a database on a secure network which is hosted by Liquid Logic on behalf of the Council What are the identified risks? As part of the procurement and ongoing implementation process, due diligence has been carried out by Wakefield Council’s Technology Service on the range of functionality of the EYES and this has included system and integration within the Council network. Functionality and security arrangements have been found to be fully compliant with Council requirements.
