Matthew Nunn posted - "Also, in more general terms, do other institutions
have a policy for dealing with general personal telephone enquiries. Do you
have any policies
whereby you use a student number as a means of identifying individuals? Or
do you trust the caller that they are who they say they are? If the
information is particularly sensitive then I believe that calling the
person back on a number already recorded by the student themselves at
enrolment is sensible".
............
The e-envoy website has some useful guidance on authentication levels and
verification issues.
The authentication framework is at
www.e-envoy.gov.uk/publications/frameworks/authentication/contents.htm
and the caller validation for govt. call centres is
www.e-envoy.gov.uk/publications/frameworks/callcentres/guidelines.htm
(I've listed htm format, but the docs are also available in a number of
formats)
regards
Su
Su Goulding
Legal Officer, NSPCC
020-7825-1393
[log in to unmask]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
