That’s the verdict of new research conducted by academics at Plymouth University and the University of East Anglia.
They surveyed more than 1,000 schools across England and found that nearly half had policies on children’s personal data security that fell below recommended levels.
These schools either had no agreed policy on how personal data should be handled (for instance, they hadn’t taken legal advice about the storage of data like fingerprints or home addresses) or they had a policy “in development”.
The survey also found that trainee teachers about to enter the teaching profession seem to have an even more relaxed attitude towards online security and are no more aware of data protection risks than current staff.
University of East Anglia academic Dr Sandra Leaton Gray, who carried out the research with Professor Andy Phippen of Plymouth University, said some schools viewed collecting pupil data as a matter of convenience, with little thought about security or the implications for children.
“Schools have created large databases with information about where children live, who their parents are, their routes to school, whether relatives are on the sex offenders’ register, whether they have special needs, or whether they are known to social services,” explained Dr Leaton Gray.
“If this information gets into the wrong hands, it can have big consequences for individuals. Yet security levels in schools are inconsistent and generally not as high as they should be.”
Problems that could arise include identity theft, parents being send confidential information about other children, or pupils’ biometric data being accessed by strangers. It is estimated that 40 per cent of UK secondary schools currently use biometric systems. The research was presented to the British Educational Research Association annual conference last week.