Progress Stream Data Handling and Security Policy

Background

As Progress Stream will be handling highly sensitive data, it is important that due care and attention is taken around the storage and handling of this data as well as who can access it. This document aims to outline the processes and practices put in place to protect the data and to minimise the risk of breach or leakage. It also details our breach notification process.

Data security

  1. Our main data store is a cloud-based database within Google Cloud Platform

  2. Data in the database is encrypted in transit and at rest

  3. No student names are stored in the database, only the enrollment_id, which is unique to each school, reducing the chance of the data having value if leaked

  4. During data load, the enrollment_id is transformed into a unique ps_id to further reduce the chance of the data having value if leaked

  5. Highly sensitive data such as SEN, Pupil Premium, etc. is held in a separate table keyed by ps_id

  6. Historical and predicted grade data is stored in a separate table keyed by ps_id

  7. Sensitive and historical grade data is only joined for model training and grade prediction, so if the model is compromised, raw data cannot be traced back to original enrollment_ids

  8. Full postcodes are hashed

  9. Row level security by school and class is enforced on all data with no super admin users having access to all data

  10. Backups are performed by cycling through school admin accounts and are stored separately

  11. Identification is provided via Microsoft or Google accounts

  12. Data access is provided by creating clusters of schools and classes that individuals may have access to and assigning these clusters to the relevant Microsoft or Google account

  13. Progress Stream employees can only access a single school’s data at a time

  14. All data downloads are logged, recording which user requested them, what data was downloaded, and the date and time of the request
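The pseudonymisation steps in items 4 and 8 above, shown as an added example that is not Progress Stream's own code. It assumes a keyed HMAC for both the ps_id derivation and the postcode hash (the policy does not say which construction is used), a secret key that would in practice come from a secrets manager, and that the school identifier is bound into the ps_id because an enrollment_id is only unique within one school. The last function illustrates why the key matters: a plain unkeyed hash of a low-entropy value such as a postcode can be recovered simply by hashing every candidate and comparing.

```python
import hashlib
import hmac

# Constructed example key only; a real deployment would load this from a secrets
# manager and never keep it beside the data (assumption, not from the policy).
PSEUDONYMISATION_KEY = b"constructed-example-key-not-for-production"


def normalise_postcode(postcode: str) -> str:
    """Canonicalise so 'sw1a 1aa' and 'SW1A1AA' hash to the same value."""
    return postcode.upper().replace(" ", "")


def make_ps_id(school_id: str, enrollment_id: str, key: bytes = PSEUDONYMISATION_KEY) -> str:
    """Derive the ps_id used as the join key in the sensitive and grades tables.

    school_id is bound in because enrollment_id is only unique per school;
    the 0x1f separator prevents ambiguous concatenations (assumed scheme).
    """
    msg = b"ps_id\x1f" + school_id.encode() + b"\x1f" + enrollment_id.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:32]


def hash_postcode(postcode: str, key: bytes = PSEUDONYMISATION_KEY) -> str:
    """Keyed hash of the full postcode; without the key this would be enumerable."""
    msg = b"postcode\x1f" + normalise_postcode(postcode).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def load_rows(rows, key: bytes = PSEUDONYMISATION_KEY):
    """Split raw load rows into the two tables the policy describes.

    Neither output row carries the enrollment_id or the raw postcode; the only
    link between the tables is the ps_id.
    """
    sensitive, grades = [], []
    for r in rows:
        ps_id = make_ps_id(r["school_id"], r["enrollment_id"], key)
        sensitive.append({
            "ps_id": ps_id,
            "sen": r["sen"],
            "pupil_premium": r["pupil_premium"],
            "postcode_hash": hash_postcode(r["postcode"], key),
        })
        grades.append({
            "ps_id": ps_id,
            "historical": r["historical"],
            "predicted": r["predicted"],
        })
    return sensitive, grades


def recover_unkeyed_postcode(digest_hex: str, candidates):
    """Defender's check: show that an UNKEYED sha256 of a postcode is reversible.

    Given a list of candidate postcodes (the full UK list is small enough to
    enumerate), return the one whose plain sha256 matches, or None.
    """
    for pc in candidates:
        if hashlib.sha256(normalise_postcode(pc).encode()).hexdigest() == digest_hex:
            return normalise_postcode(pc)
    return None


# Constructed sample load rows (not real pupils or schools).
SAMPLE_ROWS = [
    {"school_id": "SCH-A", "enrollment_id": "1001", "sen": True, "pupil_premium": False,
     "postcode": "sw1a 1aa", "historical": [5, 6], "predicted": 7},
    {"school_id": "SCH-B", "enrollment_id": "1001", "sen": False, "pupil_premium": True,
     "postcode": "M1 1AE", "historical": [4, 4], "predicted": 5},
]

if __name__ == "__main__":
    sens, grd = load_rows(SAMPLE_ROWS)
    for s, g in zip(sens, grd):
        print(s["ps_id"], s["postcode_hash"][:16], g["predicted"])
```

Because the HMAC is deterministic for a given key, repeated loads of the same school produce the same ps_id, so rows can still be joined for model training, while a leaked table without the key gives an attacker neither the enrollment_id nor the postcode.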

Breach notification process

  1. As soon as Progress Stream becomes aware of a breach, within the first hour we review the logs to verify which school or schools were affected

  2. Once the scale of the breach is understood, all affected schools will be notified within four hours

  3. Progress Stream will inform the ICO within this 4-hour period

  4. Further investigation of how the breach happened will then be undertaken over the next 72 hours

  5. Full details of the breach, including how it happened and the steps taken to prevent a recurrence, will then be published to the ICO and the affected schools within a week

  6. Full details of the breach, including how it happened and the steps taken to prevent a recurrence, will then be published publicly within two weeks