Many schools have struggled to keep up with changes in the rules covering the use of technology in public institutions, says Mark Orchison. They do so at their peril.

Schools are not spending as much on technology this year, the British Education Suppliers Association’s market barometer shows. This is hardly surprising: with budgets in their current state, the last thing school leaders want to hear about is how to upgrade their interactive whiteboards.

Much of the focus at this year’s Bett education technology conference, now on in London, is on learning tools, parent communication apps, careers software, assessment data analytics, virtual reality headsets and how to use Micro:bits and gaming in the classroom.

With budgets in their current state, the last thing school leaders want to hear about is how to upgrade their interactive whiteboards

All these no doubt make school a more enjoyable place for parents, staff and children. But the problem with all the edtech messaging is twofold: companies want to sell outputs, as within the current market they need quick wins; and new technology makes better headlines than talking about the reality of compliance obligations.

The most pressing IT challenges for schools right now, however, are not sourcing more products, but working out a practical way to effectively use what they already have, reducing costs and ensuring compliance with the raft of new or updated statutory requirements.

Legislation covering the use of technology in public institutions has changed so quickly in recent years that many schools have struggled to keep up. Here are the three key areas schools should be investing in:

1. Safeguarding

Schools need to be compliant with the updated Keeping Children Safe in Education 2016 statutory guidance.

Since December, in every technology and safeguarding health check we have completed – checking technology systems in regard of their safeguarding obligations – every school has needed significant additional support, both to understand the types of data their systems generate, and what they need to do to assess and evaluate it.

Some schools think they are protected because the filtering platform they use is a reputable one and talks the “Keeping Children Safe” talk. But even if you’re lucky enough to have the system that is updated for what you need, it’s often poorly configured, leaving gaping holes in access to the internet.

Many primary schools outsource their IT systems to providers who often aren’t aware of their obligations. In secondary schools, the network manager, IT manager and sometimes the designated safeguarding lead aren’t always up to date with the policies, processes and procedures.

It’s fair to say that all school leaders are acutely aware of the consequences of not being compliant with statutory safeguarding obligations. Now it’s really important that schools prioritise getting the audits, expertise and support they need to ensure the effectiveness of school IT systems, policies and procedures.

2. EFA financial handbook

The handbook has been updated and there are some interesting changes that trusts and academies need to address. The foci of the changes are predominantly around risk management, audit and compliance. This isn’t just about financial controls, policies and processes, it’s more about the identification of areas of spend such as buildings, facilities management, ICT, as well as ensuring there are robust, measurable checks and balances that demonstrate compliance.

3. General data protection regulations 2018

From May next year, all organisations will have to comply with the new general data protection regulations, but preparation needs to start now. The changes are quite complex and have a different impact on schools and MATs with over 250 staff. How schools implement the changes is dependent on a large number of variables.

Compliance will not go away with Brexit. Legislatively, all public authorities – including schools – must have a nominated data protection officer with professional experience and knowledge of data protection law, taking into consideration the amount of data processing and sensitivity of that data.

Some products will no doubt come to market to aid this process – Microsoft, for example, is launching the AZURE information protection system.

However, schools should be aware in advance of the potential future costs and resources required.

In short, our message to schools is to assess and evaluate the effective of ICT, make sure it works as it should and evidence compliance!

 

Mark Orchison is managing director at 9ine Consulting