Bearwood Primary School E-Safety Policy

Last Updated: March 2018

Introduction        

An effective School E-Safety Policy must be tailored to the needs of each school and an important part of the process will be the discussion and consultation which takes place during the writing or review of the policy. This will help ensure that the policy is owned and accepted by the whole school community.

Therefore, meetings are scheduled to gain views from the following groups to be incorporated into the Next Policy Review.

Schedule of Meetings for the academic year 2015/2016

•        Governors/SMT                                         Summer 2

•        Teaching Staff and Support Staff                         Summer 2

•        Pupils                                                Spring 2

•        Parents                                                Spring 2

Annual Review of Policy

To take place during  Summer 2 – Ensuring it is ready for presentation to Staff at the  annual safeguarding training held each  September.

The Autumn Term is devoted to ensuring all staff are made aware of the policy and associated scheme of work (New Starters) or remain aware and refresh their knowledge (existing staff).

Development / Monitoring / Review of this Policy

This e-safety policy has been developed by the TLR holder for Computing: Currently – Phil Timmins with the support and input from the following people/groups

Schedule for Development / Monitoring / Review

This e-safety policy was approved by the Head teacher o:

The implementation of this e-safety policy will be monitored by the:

TLR Holder for ICT: Currently Phil Timmins

Monitoring will take place at regular intervals:

Termly Review with Network Manager to be scheduled in as part of management time

The E-Safety Policy will be reviewed annually, or more regularly in the light of any significant new developments in the use of the technologies, new threats to e-safety or incidents that have taken place. The next anticipated review date will be:

July 2017

Should serious e-safety incidents take place, normal safeguarding procedures apply. CCC forms should be completed and sent to the designated person

Designated Person for Child Protection: Currently Deb Hadley

The school will monitor the impact of the policy using:  

•        Logs of reported incidents

•        Monitoring logs of internet activity (including sites visited)

•        Internal monitoring data for network activity

•        Surveys / questionnaires of

•        pupils

•        parents / carers

•        staff

Scope of the Policy

This policy applies to all members of the school community (including staff, students / pupils, volunteers, parents / carers, visitors, community users)  who have access to and are users of school ICT systems, both in and out of the school.

Roles and Responsibilities

The following section outlines the e-safety roles and responsibilities of individuals and groups within the school .

Governors / Board of Directors:

Governors / Directors are responsible for the approval of the E-Safety Policy and for reviewing the effectiveness of the policy. This will be carried out by the Governors receiving regular information about e-safety incidents and monitoring reports. The role of the E-Safety Governor / Director will include:  

•        regular meetings with the E-Safety Co-ordinator / Officer

•        regular monitoring of e-safety incident logs

•        regular monitoring of filtering / change control logs

•        reporting to relevant Governors / Board / committee / meeting

Headteacher and Senior Leaders:

•        The Headteacher has a duty of care for ensuring the safety (including e-safety) of members of the school community, though the day to day responsibility for e-safety will be delegated to the E-Safety Co-ordinator.

•        The Headteacher and (at least) another member of the Senior Leadership Team / Senior Management Team should be aware of the procedures to be followed in the event of a serious e-safety allegation being made against a member of staff 

•        The Headteacher / Senior Leaders are responsible for ensuring that the E-Safety Coordinator / Officer and other relevant staff receive suitable training to enable them to carry out their e-safety roles and to train other colleagues, as relevant.  

•        The Headteacher / Senior Leaders will ensure that there is a system in place to allow for monitoring and support of those in school who carry out the internal e-safety monitoring role. This is to provide a safety net and also support to those colleagues who take on important monitoring roles. 

•        The Senior Leadership Team / Senior Management Team will receive regular monitoring reports from the E-Safety Co-ordinator / Officer.  

E-Safety Coordinator / Officer:

•        leads the e-safety committee

•        takes day to day responsibility for e-safety issues and has a leading role in establishing and reviewing  the school e-safety policies / documents

•        ensures that all staff are aware of the procedures that need to be followed in the event of an e-safety incident taking place.

•        provides training and advice for staff

•        liaises with the Local Authority / relevant body

•        liaises with school technical staff

•        receives reports of e-safety incidents and creates a log of incidents to inform future e-safety developments, (

•        meets regularly with E-Safety Governor / Director  to discuss current issues, review incident logs and filtering / change control logs

•        attends relevant meeting / committee of Governors / Directors

•        reports regularly to Senior Leadership Team

Network Manager:

•        that the school’s technical infrastructure is secure and is not open to misuse or malicious attack

•        that the school meets required  e-safety technical requirements and any Local Authority / other relevant body E-Safety Policy / Guidance that may apply.

•        that users may only access the networks and devices through a properly enforced password protection policy, in which passwords are regularly changed

•        the filtering policy (if it has one), is applied and updated on a regular basis and that its implementation is not the sole responsibility of any single person

•        that they keep up to date with e-safety technical information in order to effectively carry out their e-safety role and to inform and update others as relevant

•        that the use of the network / internet / Virtual Learning Environment  / remote access / email is regularly monitored in order that any misuse / attempted misuse can be reported to the  Headteacher

•        that monitoring software / systems are implemented and updated as agreed in school / policies

Teaching and Support Staff

are responsible for ensuring that:

•        they have an up to date awareness of e-safety matters and of the current school / academy e-safety policy and practices

•        they have read, understood and signed the Staff Acceptable Use Policy / Agreement (AUP)

•        they report any suspected misuse or problem to the Headteacher / Senior Leader ; E-Safety Coordinator

•        all digital communications with students / pupils / parents / carers should be on a professional level and only carried out using official school systems

•        e-safety issues are embedded in all aspects of the curriculum and other activities

•        students / pupils understand and follow the  e-safety and acceptable use policies

•        students / pupils have a good understanding of research skills and the need to avoid plagiarism and uphold copyright regulations

•        they monitor the use of digital technologies, mobile devices, cameras etc in lessons and other school activities (where allowed) and implement current policies with regard to these devices

•        in lessons where internet use is pre-planned students / pupils should be guided to sites checked as suitable for their use and that processes are in place for dealing with any unsuitable material that is found in internet searches

Child Protection / Safeguarding Designated Person / Officer

 

should be trained in e-safety issues and be aware of the potential for serious child protection / safeguarding issues to arise from:

•        sharing of personal data

•        access to illegal / inappropriate materials

•        inappropriate on-line contact with adults / strangers

•        potential or actual incidents of grooming

•        cyber-bullying

Students / pupils:

•        are responsible for using the school / academy digital technology systems in accordance with the Student / Pupil Acceptable Use Policy

•        have a good understanding of research skills and the need to avoid plagiarism and uphold copyright regulations

•        need to understand the importance of reporting abuse, misuse or access to inappropriate materials and know how to do so

•        will be expected to know and understand policies on the use of mobile devices and digital cameras. They should also know and understand policies on the taking / use of images and on cyber-bullying.

•        should understand the importance of adopting good e-safety practice when using digital technologies out of school and realise that the school’s E-Safety Policy covers their actions out of school, if related to their membership of the school

Parents / Carers

Parents / Carers play a crucial role in ensuring that their children understand the need to use the internet / mobile devices in an appropriate way. The school will take every opportunity to help parents understand these issues through parents’ evenings, newsletters, letters, website and information about national / local e-safety campaigns / literature.  Parents and carers will be encouraged to support the school in promoting good e-safety practice and to follow guidelines on the appropriate use of:

•        digital and video images taken at school events

•        access to parents’ sections of the website / VLE  and on-line student / pupil records

•        their children’s personal devices in the school  (where this is allowed)


Policy Statements

Education – students / pupils

Whilst regulation and technical solutions are very important, their use must be balanced by educating pupils to take a responsible approach.  The education of pupils in e-safety is therefore an essential part of the school’s e-safety provision. Children and young people need the help and support of the school to recognise and avoid e-safety risks and build their resilience.

E-safety should be a focus in all areas of the curriculum and staff should reinforce e-safety messages across the curriculum. The e-safety curriculum should be broad, relevant and provide progression, with opportunities for creative activities and will be provided in the following ways: 

•        A planned e-safety curriculum should be provided

•        Key e-safety messages should be reinforced as part of a planned programme of assemblies

•        Students / pupils should be taught in all lessons to be critically aware of the materials / content they access on-line and be guided to validate the accuracy of information.

•        Students / pupils should be taught to acknowledge the source of information used and to respect copyright when using material accessed on the internet

•        Students / pupils should be helped to understand the need for the student / pupil Acceptable Use Agreement  and encouraged to adopt safe and responsible use both within and outside school

•        Staff should act as good role models in their use of digital technologies  the internet and mobile devices

•        in lessons where internet use is pre-planned, it is best practice that students / pupils should be guided to sites checked as suitable for their use and that processes are in place for dealing with any unsuitable material that is found in internet searches.

•        Where students / pupils are allowed to freely search the internet, staff should be vigilant in monitoring the content of the websites the young people visit.

•        It is accepted that from time to time, for good educational reasons, students may need to research topics (eg racism, drugs, discrimination) that would normally result in internet searches being blocked. In such a situation, staff can request that the Technical Staff (or other relevant designated person) can temporarily remove those sites from the filtered list  for the period of study. Any request to do so, should be auditable, with clear reasons for the need.  

Education – parents / carers

Many parents and carers have only a limited understanding of e-safety risks and issues, yet they play an essential role in the education of their children and in the monitoring / regulation of the children’s on-line behaviours. Parents may  underestimate how often children and young people come across potentially harmful and inappropriate material on the internet and may be unsure about how to respond.  

 

The school will therefore seek to provide information and awareness to parents and carers mainly through the school blog but also throughout the year through: 

•        Letters, newsletters, web site,

•        Parents / Carers evenings / sessions

•        High profile events / campaigns eg Safer Internet Day

Education & Training – Staff / Volunteers

It is essential that all staff receive e-safety training and understand their responsibilities, as outlined in this policy. Training will be offered as follows: (select / delete as appropriate)

•        A planned programme of formal e-safety training will be made available to staff. This will be regularly updated and reinforced. An audit of the e-safety training needs of all staff will be carried out regularly.  SWGfL BOOST includes unlimited online webinar training for all, or nominated, staff (http://www.swgfl.org.uk/Staying-Safe/E-Safety-BOOST/Boost-landing-page/Boost-Hub/Professional-Development)  It is expected that some staff will identify e-safety as a training need within the performance management process.

•        All new staff should receive e-safety training as part of their induction programme, ensuring that they fully understand the school e-safety policy and Acceptable Use Agreements. SWGfL BOOST includes an array of presentations and resources that can be presented to new staff (http://www.swgfl.org.uk/Staying-Safe/E-Safety-BOOST/Boost-landing-page/Boost-Hub/Resources)

•        The E-Safety Coordinator / Officer (or other nominated person) will receive regular updates through attendance at external training events (eg from  LA / other relevant organisations) and by reviewing guidance documents released by relevant organisations.

•        This E-Safety policy and its updates will be presented to and discussed by staff in staff / team meetings / INSET days.

•        The E-Safety Coordinator / Officer (or other nominated person) will provide advice / guidance / training to individuals as required.  SWGfL BOOST includes an array of presentation resources that the e-Safety coordinator can access to deliver to staff (http://www.swgfl.org.uk/Staying-Safe/E-Safety-BOOST/Boost-landing-page/Boost-Hub/Resources).  It includes presenter notes to make it easy to confidently cascade to all staff

Technical – infrastructure / equipment, filtering and monitoring  

The school will be responsible for ensuring that the school infrastructure / network is as safe and secure as is reasonably possible and that policies and procedures approved within this policy are implemented.  It will also need to ensure that the relevant people named in the above sections will be effective in carrying out their e-safety responsibilities: 

•        School technical systems will be managed in ways that ensure that the school meets recommended technical requirements 

•        There will be regular reviews and audits of the safety and security of school technical systems

•        Servers, wireless systems and cabling must be securely located and physical access restricted

•        All users will have clearly defined access rights to school technical systems and devices.

•        All users (at Year 4 and above) will be provided with a unique username and secure password by (Network Manager) who will keep an up to date record of users and their usernames. Users are responsible for the security of their username and password and will be required to change their password if they believe it to be compromised 

•        The “master / administrator” passwords for the school ICT system, used by the Network Manager (or other person) must also be available to the Headteacher / Principal or other nominated senior leader and kept in a secure place (eg school safe)

•        The Network Manager is responsible for ensuring that software licence logs are accurate and up to date and that regular checks are made to reconcile the number of licences purchased against the number of software installations 

 

Use of digital and video images

The development of digital imaging technologies has created significant benefits to learning, allowing staff and students / pupils instant use of images that they have recorded themselves or downloaded from the internet. However, staff, parents / carers and students / pupils need to be aware of the risks associated with publishing digital images on the internet. Such images may provide avenues for cyberbullying to take place. Digital images may remain available on the internet forever and may cause harm or embarrassment to individuals in the short or longer term. It is common for employers to carry out internet searches for information about potential and existing employees. The school will inform and educate users about these risks and will implement policies to reduce the likelihood of the potential for harm:  (select / delete as appropriate)

•        When using digital images, staff should inform and educate students / pupils about the risks associated with the taking, use, sharing, publication and distribution of images. In particular they should recognise the risks attached to publishing their own images on the internet eg on social networking sites.

        In accordance with guidance from the Information Commissioner’s Office, parents / carers are welcome to take videos and digital images of their children at school events for their own personal use (as such use in not covered by the Data Protection Act). To respect everyone’s privacy and in some cases protection, these images should not be published / made publicly available on social networking sites, nor should parents / carers comment on any activities involving other students / pupils in the digital / video images.

        Staff and volunteers  are allowed to take digital / video images to support educational aims, but must follow school policies concerning the sharing, distribution and publication of those images. Those  images should only be taken on school equipment, the personal equipment of staff should not be used for such purposes.

        Care should be taken when taking digital / video images that students / pupils are appropriately dressed and are not participating in activities that might bring the individuals or the school into disrepute.

        Students / pupils must not take, use, share, publish or distribute images of others without their permission

        Photographs published on the website, or elsewhere that include students / pupils will be selected carefully and will comply with good practice guidance on the use of such images.

        Students’ / Pupils’ full names will not be used anywhere on a website or blog, particularly in association with photographs.

        Written permission from parents or carers will be obtained before photographs of students / pupils are published on the school website

        Student’s / Pupil’s work can only be published with the permission of the student / pupil and parents or carers.

Data Protection

Personal data will be recorded, processed, transferred and made available according to the Data Protection Act 1998 which states that personal data must be:

•        Fairly and lawfully processed

•        Processed for limited purposes

•        Adequate, relevant and not excessive

•        Accurate

•        Kept no longer than is necessary

•        Processed in accordance with the data subject’s rights

•        Secure

•        Only transferred to others with adequate protection.

Following a number of “high profile” losses of personal data by public organisations, schools are likely to be subject to greater scrutiny in their care and use of personal data. A School Personal Data template is available in the appendices to this document. (Schools / Academies should review and amend this appendix, if they wish to adopt it. Schools / Academies should also ensure that they take account of relevant policies and guidance provided by local authorities or other relevant bodies).

The school / academy must ensure that:

Staff must ensure that they: (schools / academies may wish to include more detail about their own data / password / encryption / secure transfer processes)

•        At all times take care to ensure the safe keeping of personal data, minimising the risk of its loss or misuse.

•        Use personal data only on secure password protected computers and other devices, ensuring that they are properly “logged-off” at the end of any session in which they are using personal data.

•        Transfer data using encryption and secure password protected devices.

When  personal data is stored on any portable computer system, memory stick or any other removable media:

•        the data must be encrypted and password protected

•        the device must be password protected (many  memory sticks / cards and other mobile devices cannot be password protected)

•        the device must offer approved virus and malware checking software

•        the data must be securely deleted from the device, in line with school policy (below) once it has been transferred or its use is complete

 (The  school will need to set its own policy as to whether data storage on removal media is allowed, even if encrypted – some organisations do not allow storage of personal data on  removable devices.)

The Personal Data Handling Policy Template in the appendix provides more detailed guidance on the school’s / academy’s responsibilities and on good practice.

Social Media - Protecting Professional Identity

With an increase in use of all types of social media for professional and personal purposes a policy that sets out clear guidance for staff to manage risk and behaviour online is essential. Core messages should include the protection of pupils, the school and the individual when publishing any material online.  Expectations for teachers’ professional conduct are set out in ‘Teachers Standards 2012’.  While, Ofsted’s e-safety framework  2012, reviews how a school protects and educates staff and pupils in their use of technology, including what measures would be expected to be in place to intervene and support should a particular issue arise.

All schools, academies and local authorities have a duty of care to provide a safe learning environment for pupils and staff.  Schools/academies and local authorities could be held responsible, indirectly for acts of their employees in the course of their employment.  Staff members who harass, cyberbully, discriminate on the grounds of sex, race or disability or who defame a third party may render the school / academy or local authority liable to the injured party.   Reasonable steps to prevent predictable harm must be in place.

The school provides the following measures to ensure reasonable steps are in place to minimise risk of harm to pupils, staff and the school through limiting access to personal information:

School staff should ensure that:

The school’s / academy’s use of social media for professional purposes will be checked regularly by the senior risk officer and e-safety committee to ensure compliance with the Social Media, Data Protection, Communications, Digital Image and Video Policies.  SWGfL BOOST includes SWGfL Alerts that highlight any reference to the school/academy in any online media (newspaper or social media) for example http://www.swgfl.org.uk/Staying-Safe/E-Safety-BOOST/Boost-landing-page/Boost-Hub/Alerts