vic_logo
education.vic.gov.au

School operations

Privacy and Information Sharing

DET InfoSafe Program

All school and corporate staff must take reasonable steps to ensure that personal and health information they create, handle or have responsibility for is kept secure and protected from misuse and loss, and from unauthorised access, modification, disclosure or destruction.

The DET InfoSafe Program has been established as part of the Department’s commitment to ensuring that the information it holds is managed and shared sensitively and securely to protect staff, students and their families.

The DET InfoSafe Program will implement a number of privacy and information security initiatives to lift both school and corporate staff capabilities.

For information about this program, refer to DET InfoSafe Program.

For measures schools must take to support students to engage with digital technology in a safe and responsible way, refer to the Cybersafety and Responsible Use of Digital Technologies Policy.

Information and communication technology (ICT) security policies

Information Security (InfoSafe) Policy:

  • sets out the Department’s information security requirements for schools
  • provides guidance on identifying and reporting ICT security incidents

Acceptable Use Policy for ICT Resources for direction to corporate and school staff on acceptable use of ICT resources.

Edupass — Identity and Access Management in Schools Policy for direction on password security requirements. 

Portable Storage Device Security Policy provides guidance to corporate and school staff on security for portable storage devices containing sensitive or protected information.

Records management

Good records management practices are vital for keeping personal information secure.

For advice and responsibilities relating to the management, storage and disposal of records, refer to Records Management — School Records Policy.

School procurement of ICT systems

For information on the procurement procedure for schools, refer to Procurement — Schools.

When schools procure ICT applications and systems, they need to ensure compliance with a number of legislative obligations, including privacy, data protection, records management and accessibility. To support schools in doing this, the Supplier Compliance process has been established to evaluate ICT suppliers.

For information on this process, refer to Supplier Compliance Process.

Guidance chapter on the Department's commitment to ensuring the information it holds is managed and shared sensitively and securely to protect staff, students and their families

Reviewed 04 October 2021

Was this page helpful?