Impossible to audit.
Impossible to remove access.
Probably programmed as well as it was designed.
Ian
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Adam Warren
Sent: 06 June 2007 22:23
To: [log in to unmask]
Subject: [data-protection] Access to pupil information via school
internet
Hello
A school puts information concerning all its pupils on the school
website,
accessible by a simple password announced to all staff during a staff
meeting. The purpose is to allow staff to contact pupils' parents when
off- site. The information available includes pupil:
Name
Address
Tel no
DOB
Exam results
Aptitude test results
Any thoughts re DP breaches?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|