Osborne Co-operative Academy Trust (OCAT) follows the values of equality, honesty, and responsibility. This policy explains how staff, contractors, and volunteers must handle the Trust’s IT equipment and data safely—whether working at school, from home, or while travelling.
Key Rules Everyone Must Follow
Your Responsibility
You are responsible for any equipment or data given to you for work. Keep it safe, clean, and secure.
Transporting Data
If you carry school data outside the building (on laptops, USB drives, papers), it must be kept hidden and protected. Don’t leave sensitive info in a car for more than 10 minutes.
Working at Home or Offsite
When working outside school, take care to protect data. If using your personal device, delete all data once finished or before leaving the Trust.
Sensitive Information
Only people who should hear or see sensitive data should have access. Don’t leave your screen visible to others and never save school passwords in your browser.
Unapproved Equipment
Don’t store school data on personal or unapproved devices. Never share your login or let someone else use your IT equipment.
Travelling Abroad
School equipment must not be taken out of the UK unless you are on approved business travel.
Returning Equipment
All issued equipment must be returned before you leave your job with the Trust.
Reporting Problems
If your equipment is lost or stolen—or data is accessed without permission—you must report it as a data breach immediately.
Support and Guidance
To follow this policy properly, staff can refer to other related policies:
- Data Protection Policy
- Data Breach Policy
- Records Management Policy
- Data Breach Procedure
If you’re unsure how to handle something, speak to your school’s Data Protection Lead.
What If You Need to Break a Rule?
If there’s a strong work reason to go against any rule in this policy, you must make a formal request through the school office—don’t just do it without permission.
Legal References
This policy follows the rules set out in:
- Data Protection Act 2018 / UK GDPR
- Article 8 of the Human Rights Act 1998
Breach of Policy
Breaking this policy may lead to disciplinary action. Serious breaches can result in dismissal without notice or even legal consequences.
Document Details
Version: 2024 (3.3)
Approved by: Trust Board
Date Approved: 21 May 2024
Next Review: May 2025
This policy ensures that all staff and volunteers keep data safe and treat the Trust’s IT equipment with care and respect. It protects students, staff, and the wider school community by making sure sensitive information is not lost or misused.
