© 2018 Capita Business Services Ltd. All rights reserved.

Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.

Ts and Cs - GDPR DPIA for the ESS Portal for Integrators

Introduction

This document is intended to meet the ICO's requirements for a GDPR DPIA summary, namely to identify:

  • A description of the processing operations and the purposes, including, where applicable, the legitimate interests pursued by the controller.
  • An assessment of the necessity and proportionality of the processing in relation to the purpose.
  • An assessment of the risks to individuals.
  • The measures in place to address risk, including security and to demonstrate that you comply.
  • A DPIA can address more than one project.

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-impact-assessments/

DPIA Summary

Product:                 

  • ESS Partner Management Portal (accessed by ESS staff)
  • ESS Partner Registration Portal (accessed by the general public – for applications only)                               
  • Partner Portal (Accessed by partners)

Purpose:

This is a set of public/internal facing websites which enables ESS and their Partners to manage access to SIMS Primary and other APIs.  In so doing, these portals will enable ESS and Partners to manage access to schools' data held in SIMS by partner products.

Security:                 

  • Azure AD including 2 factor authentication where appropriate.
  • Data at rest is encrypted.
  • The SIMS Partner Management Team control access to the limited data stored.

Data Held:              

The data held is minimal but does constitute personally identifiable information (PII) because it contains the name and work contact details of ESS’s contact at the partner’s company.

The extent of the data collected must allow ESS’s Partner Team to contact the partner with regard to their development.  It is acceptable but less desirable to record generic information for example:

  • Forename:         Development
  • Surname:           Manager
  • Email:            development@partner.com

In the case of a live relationship with a partner company, the name of a real person would ease communications; for example, a phone call to ESS asking for the ‘Development Manager’ would be ambiguous.

In the case of a partner choosing to end their relationship with ESS, we would ask that all PII be replaced with a valid generic set of details.

Data will be extended to record support details for specific products which will be released for live usage.  We would urge partners not to provide personal emails for this purpose but to provide generic but targeted product contact details (PCD).

Data Usage:           

The data held will be used for the management of the system and contact with the company concerned with regard to the partner service provided and / or contracted. 

On occasion we may send automated mail relevant to the management of the system and/or the usage of this system. 

The data will not be provided to persons outside of ESS and more specifically outside of nominated members of the partner team.   

At a future point in time we will provide the PCD to end users to enable them to easily onboard the partner’s products and obtain support when required.

Assessment of Risk:

On the assumption that users provide only the information requested and that contact information is for work and not personal/home contact information then the risk to individuals from the PII held is very low. 

Link to Capita GDPR Guidance
Link to ESS GDPR resources

Example from www.capita-sims.co.uk

The information that we would expect would often be available on public web sites and ‘Contact John Smith at John.Smith@example.com for further information’ is not uncommon as an addition.


Data Retention:     

  • Partners are welcome to replace PII with generic addresses at any time, and once this has been effected, ESS will no longer hold PII within the system for registrants.
  • Data within the system will be held for an unspecified period for the purposes of legal compliance and operational needs.

Policy for Data Breach:

  • The PII data held is intended to identify a person in their normal place of work and to enable ESS to contact them. The remainder of the data is commercially sensitive rather than personally sensitive.
  • ESS will follow our corporate policy in case of any reported data breach.
  • ESS will happily change data held to a generic non-PII version as discussed above upon request.
  • ESS will comply with all requirements of GDPR reporting in regard to any data breach reports.

Data held:

Area: Contact

  • Company Phone
  • Company email
  • Last Name
  • First Name
  • Title

Area: Company

  • Company Name
  • Website
  • Mailing Address 1
  • Mailing Address 2
  • Mailing Address 3
  • City/Town
  • County
  • Country
  • Post Code
  • Requirements for integration

Future Data

As discussed above we intend to extend the data held; however, we will ask partners not to use PII.

  • Product:               ID
  • Support Email:    Non-personal email for support of the product
  • Support Phone:    Non-personal phone for support of the product
  • Forename:           Use generic, e.g. School
  • Surname:             Use generic, e.g. Support

Access to ESS Products

Partners may be granted access to ESS products for test, development, support and other purposes based on wholly fictitious training data as a result of the partner registration process; we refer to these as ‘Demo Systems’.  ESS will often allow data in Demo Systems to be updated but cannot accept responsibility for data breaches of real data keyed or otherwise entered into any Demo System provided.

For example:

If a user chose to add the details of their child into an ESS SIMS Demo System, it is possible that the data would be visible to other people and breach the rights of the data subject.

ESS LTD expressly forbids users of Demo Systems entering details of living people.  Users are asked to make up example data.

For similar reasons, please ensure that any data ‘made up’ is inoffensive, assuming that any accidental viewer is easily offended.