SISRA Limited is dedicated to data security and has implemented a number of measures to satisfy even the most security conscious of schools and authorities. If you have any questions regarding any section of our Data Security page then please email email@example.com
Data Protection Act
SISRA Limited is registered with the Information Commissioner’s Office and processes data in accordance with the Data Protection Act 1998 and the Code of Practice issued by the regulators of England, Wales and Northern Ireland.
SISRA Limited will undertake the following administrative activities in relation to the processing and exchange of candidates’ personal data.
Personal data relating to the name(s), grades, gender, ethnicity, SEN status and a school’s own internal pupil identifier will be collected by SISRA Limited for the purposes of examination results analysis and progress tracking. SISRA Limited does not hold any sensitive personal identifiable information such as student’s Date of Birth or Address.
A candidate’s personal data will only be collected from registered schools/colleges in the context of examination results and progress analysis.
Such data collected will not be used for any purposes by SISRA Limited other than for the administration of the examinations results and progress analysis process.
It is recommended that schools/colleges include SISRA Limited within their “fair processing notice”.
Registration number: Z1483633 – Click here to access the Data Protection Register.
SISRA Limited uses a combination of the Secure Hypertext Transfer Protocol (HTTPS) along with the Secure Sockets Layer (SSL) protocol to provide encrypted communication and secure identification of our SISRA Online web servers. To see this in action please visit www.sisraonline.co.uk – modern browsers should show the web address (URL) as a green bar, with a link to certificate information to the right of the address bar. The certificate, provided by Globalsign, should provide users with the peace of mind in knowing that all data uploads and reports are transmitted in a highly secure environment.
Fair Processing Notice
SISRA Limited is aware that schools have an obligation to ensure that they are following Data Protection and/or Local Authority guidelines and therefore recommend that schools/colleges include SISRA Limited within their “fair processing notice”. The following is an example Fair Processing Notice entry that existing customers should feel free to use within their school’s notice.
SISRA Limited: The School may send information about learners to a third party organisation called SISRA Limited for the provision of software products delivered over the internet.The information required by SISRA Limited includes the pupil first name, surname, gender, ethnicity, SEN code and other factors such as “Free School Meals”, “Gifted & Talented” and “Children in Care”. SISRA’s services are valuable in helping educational organisations to monitor and improve the quality of education they provide by allowing them to analyse student, class and subject performance in great depth. Data Protection Officer, SISRA Limited, Egerton House, 2 Tower Road, Birkenhead, Merseyside. CH41 1FN.
Two Level Authentication
SISRA has developed “SISRA Secure Plus”, which provides two level authentication to those schools that feel extra tight security is required. Each user is provided with a SISRA Secure Key USB stick, which they would need to use each time they log into SISRA Online.
Shared Log-In Blocking
SISRA Limited is aware that many other online services provide a generic login that an entire school shares. Obviously this can present schools with many security issues and so SISRA provides each user with a unique set of login credentials. The setting up and sharing of “departmental/group” logins is not permitted and any simultaneous logging in (with the same login details) flags a potential security issue to the user. As SISRA provides unlimited users to all member schools, there is no reason for a school to require generic logins.