Back to website

Public Policy
Information Security Policy
Account Security
- - Use individual accounts only. Staff should not share passwords or portal access codes.
- - Change temporary passwords after first login and whenever an account may have been exposed.
- - Administrators should review roles, permissions, offboarding, and audit logs regularly.
Student Data Handling
- - Student records, age, contact details, medical notes, scores, attendance, fees, and reports are confidential.
- - Access student data only for teaching, care, finance, reporting, safeguarding, and approved administration.
- - Exported reports and downloaded files must be stored securely and shared only with approved recipients.
Incident Reporting
- - Report lost devices, unusual account activity, wrong recipient emails, or suspected data exposure immediately.
- - Administrators should preserve audit logs and archive records needed for investigation.
- - Temporary access restrictions may be applied while a security concern is reviewed.