Company blog | Intellischool

The importance of Safer Technologies 4 Schools | Intellischool

Written by Dave Philp | Oct 30, 2021 12:45:58 AM

In today's cloud-first world, Australian schools have much to consider when it comes to ensuring the security of their data. School leaders must be across who, how, why and when data is accessed. With the introduction of so many cloud-based services, the visibility of this information is often obscured.

If your school is investigating a school analytics solution (or any other EdTech product) you must not only consider your data security obligations for cloud products like Intellischool, but also where product development and support teams are physically located - regardless of whether the product is on-premises or cloud-based.

 

What is "Safer Technologies 4 Schools"?

Safer Technologies 4 Schools (ST4S) is a national privacy and security initiative specifically designed to assist Australian schools in their decision making process when adopting a new technology platform.

The initiative is administered by Education Services Australia (ESA) and was developed in collaboration with all Australian state, territory, Catholic and independent school sectors. It provides a transparent assessment that requires EdTech vendors to meet certain standards, and makes reports on assessments available to schools via their local education jurisdiction authority (such as the state department of education, Catholic education office, or local independent schools association).

 

Why is ST4S important?

EdTech vendors that have completed an ST4S assessment display a commitment to meeting the data privacy standards mandated by the Australian Privacy Principles, the relevant Privacy Acts, and the additional expectations for data security in the primary and secondary education sector.

ST4S reports available to schools provide a reliable, thorough, and accurate risk measurement instrument that should be reviewed whenever a new EdTech solution is being considered for implementation.

 

What is covered in the assessment?

The assessment process for ST4S is extremely detailed. The team at ESA requires EdTech vendors to complete a thorough questionnaire that covers:

  • Who the vendor is, including company details;
  • Security, in-depth, including
    • product functionality,
    • data hosting and storage locations,
    • technical components,
    • logging of interactions,
    • access control,
    • staffing, background checks and staff locations,
    • testing and development processes,
    • quality assurance and recovery plans,
    • incident management,
    • data deletion and retention,
    • compliance controls, and
    • governance requirements;
  • Privacy, in-depth, including data privacy, processes for managing data requests, and privacy control functions; and
  • Interoperability with other systems.

Once the questionnaire has been completed, EdTech vendors are required to provide detailed evidence to support the answers provided in the questionnaire.

 

Has Intellischool completed an ST4S assessment?

Yes, Intellischool has completed an ST4S assessment for the Intellischool Data Platform, the technology that underpins our school cloud analytics service, Albitros. As the report is produced and owned by ESA, copies of our ST4S report must be requested through your local education jurisdiction authority.

Intellischool participated in an ST4S assessment in 2021, and will complete re-assessments as required by the ST4S Team to ensure that our assessment outcome remains current.

 

Is completing an ST4S assessment mandatory for EdTech vendors?

No, completing the assessment is not mandatory. However, if an EdTech provider has not completed or doesn't disclose any information about their ST4S assessment, you should ask:

  • When will they be completing the assessment?
  • If they are not planning to complete the assessment, why not?

 

How can I get copies of ST4S reports?

To request a copy of Intellischool's ST4S assessment report, or any other EdTech assessment report, check your state authority's information hub, or reach out to your local authority listed below.

  Catholic Independent Public
NSW Catholic Schools NSW AIS NSW DET Information Security
NT Catholic Education NT AIS NT DoE Cloud Systems
QLD Queensland Catholic Education Commission Independent Schools Queensland QED Risk Reviews
SA Catholic Education SA AISSA Education ICT Cyber Security
TAS Catholic Education Tasmania Independent Schools Tasmania DoE Security
VIC Catholic Education Commission of Victoria Independent Schools Victoria DoE InfoSafe
WA Catholic Education WA AISWA  DoE Privacy Office