Add to collection(s) Add to saved
  1. Social Science
  2. Law

early years providers

advertisement 
Information Management Toolkit
for Early Year Providers
Document Owner Elizabeth Barber – Records Manager
Tel: 03000 415812
elizabeth.barber@kent.gov.uk
Version
April 2015
Contents
1.
2.
3.
4.
5.
6.
7.
8.
Introduction
Using the Information Management Toolkit
Information Security
Information Sharing
Disposal of Records
Retention Guidelines
Review of Toolkit
Supporting Documentation
NOT PROTECTIVELY MARKED
1
1.
Introduction
The information management toolkit is designed to assist early years providers to
fulfil their obligations under the Statutory Framework for the Early Years Foundation
Stage 2014 (EYFS) by keeping their records to the appropriate standards.
The EYFS states that: ‘Providers must maintain records and obtain and share
information (with parents and carers, other professionals working with the child, the
police, social services and Ofsted or the childminder agency with which they are
registered, as appropriate) to ensure the needs of all children are met.’
2.
Using the records management toolkit
The retention guidelines on pages 6 to 11 are intended to be as exhaustive as
possible. If settings do not create all of these records there is no need to create
additional records.
The retention guidelines are only guidelines, if in doubt please take legal advice. The
responsibility of maintaining and retaining approporiate records remains with the
individual settings. Individual settings may wish to undertake their own business risk
assessments if it is considered that the retention periods outlined are not appropriate.
If you have any queries about record retention please contact Elizabeth Barber,
Records Manager on 03000 415812 or elizabeth.barber@kent.gov.uk.
3.
Information Security
Much of the information created, received and managed by settings will contain
personal information which is considered ‘sensitive’ under the Data Protection Act
1998. As a data controller, you must ensure that personal and sensitive information is
appropriately secured and protected against unauthorised or illegal processing.
What happens when data gets lost?
Information security is probably the most important area for settings to concentrate
on. The loss of or unauthorised access to personal information is likely to cause most
harm to children, parents or staff and could result in the Information Commissioners
Office (ICO) taking action. Individuals have a right to take action for compensation if
loss of personal information causes them damage or distress.
The ICO now has the power to impose a monetary penalty of up to £500,000 for
serious contraventions of the data protection principles. So not taking security
seriously causes a reputational risk and could cost providers money.
NOT PROTECTIVELY MARKED
2
All personal data, whether paper-based or electronic, must be kept secure to prevent
accidental loss, damage or destruction. The extent of the security measures required
will depend on the sensitivity of the data.
Information security within a setting means guaranteeing the confidentiality, integrity
and availablility of the information.
Paper-based records
All paper-based records should be kept secure when they are not in use, in lockable
desks, filing cabinets or cupboards and the keys should be kept in a safe place.
If paper-records need to be taken off the premises they should be stored in a secured
lockable box or briefcase and put in the boot of the vehicle. Records should not be
left in a vehicle on open view, left in the boot overnight or for any extended period of
time.
Electronic records
Records held on electronic devices (e.g. laptops, computers, smart phones) should
be password protected and mobile phones should be encrypted. Information should
never be left up on a screen if the device is unattended.
If using electronic devices to process personal information ensure you have up-todate virus protection software installed. If using a home computer, no other members
of the household should have access to the device or the information contained on it.
Any documents produced should be stored on external hard drives which should be
encrypted where appropriate.
If no alternative, use encrypted datasticks for the transportation of personal
information but ensure that the information held on that device is not the principal
copy (primary record). Like paper-based records, any devices containing personal
information should not be left in a car on open view and not left in the boot of a car
overnight or for any extended period of time.
NOT PROTECTIVELY MARKED
3
Emailing
If sending confidential information by email, you need to think about information
security issues. Where possible personal information should not be transported using
email unless the sender and receipient both have secure email accounts or are using
encryption techniques.
Never send personal information in the text of an e-mail. If necessary make sure that
the information is in an MS Office document attached to the e-mail and password
protected.
REMEMBER
4.
Information Sharing
Information sharing can take place with a number of organisations and individuals. It
is important that information is shared with the right people in the right way.
Before sharing information with agencies or partners outside of the setting, you must
check that you have their permission, and in the case of sensitive personal
information, the explicit consent of the data subject (other than when such sharing is
a statutory requirement).
NOT PROTECTIVELY MARKED
4
Where parents or individuals request access to information this should be dealt with
in accordance with providers obligations under the Data Protection Act 1998 and
where relevant Freedom of Information Act 2000. For further guidance on the
responsibilities of providers, please visit the ICO’s website at the following link:
https://ico.org.uk/.
5.
Disposal of Records
Records which have been identified for disposal must be destroyed in a way which
reflects the sensitivity or confidentiality of the information which the record contains.
Inappropriate disposal of information could lead to an information security breach.
This could result in a fine from the ICO and serious reputational damage.
Any records containing sensitive personal information should be shredded or if they
are held electronically deleted from the storage media and the recycle bin (if
electronic records are stored on CD/DVD then these should also be shredded).
You must keep a record of when and which records have been destroyed. Please
see sample disposal schedule below:
Sample Disposal Schedule
The following records were destroyed according to the retention period laid down
in the early year provider’s retention schedule or on the authorisation of the officer
named below*
*delete as appropriate
File Reference
Brief description
On whose authority
NOT PROTECTIVELY MARKED
Method of disposal
5
6.
Records Guidelines
IMTKE1
Records to be kept by Registered Persons - All Cases
Basic file description
Data
Statutory
Prot
Provisions
Issues
Retention Period
[operational]
IMTKE1.1 The name, home address and date
of birth of each child who is looked
after on the premises
Y
Closure of setting + 50 years
[These could be required to show
whether or not an individual child
attended the setting in a child
protection investigation]
IMTKE1.2 The name, home address and
telephone number of a parent of
each child who is looked after on the
premises
Y
IMTKE1.3 The name, address and telephone
number of any person who will be
looking after children on the
premises
Y
Statutory
Framework for
the Early Years
Foundation
Stage September
2014 - Page 30
Statutory
Framework for
Early Years
Foundation
Stage September
2014 – Page 30
If this information is kept in the
same book or on the same form as
in IMTKE1.1 then the same
retention period should be used as
in IMTKE1.1
If the information is stored
separately, then destroy once the
child has left the setting (unless the
information is collected for anything
other than emergency contact)
See CS33.4.5 below
NOT PROTECTIVELY MARKED
KCC
Retention
Schedule
Reference
Number
CS1.7.1
CS1.7.2
CS1.7.3
6
IMTKE1
Records to be kept by Registered Persons - All Cases
Basic file description
Data
Statutory
Prot
Provisions
Issues
IMTKE1.4 A daily record of the names of
children looked after on the
premises, their hours of attendance
and the names of the persons who
looked after them
Y
IMTKE1.5 A record of accidents occurring on
the premises and incident books
relating to other incidents
Y
IMTKE1.6 A record of any medicinal product
Y
administered to any child on the
premises, including the date and
circumstances of its administration,
by whom it was administered,
including medicinal products which
the child is permitted to administer to
himself, together with a record of
parent’s consent
Retention Period
[operational]
The regulations say that these
records should be kept for a
reasonable period from when the
child leaves. (for example 3
years)If these records are likely to
be needed in a child protection
setting (see CS1.7.1 above) then
the records should be retained for
closure of setting + 50 years
Statutory
DOB of the child involved in the
Framework for
accident or the incident + 25 years
Early Years
If an adult is injured then the
Foundation
accident book must be kept for 7
Stage September years from the date of the incident
2014 – Page 26
Statutory
DOB of the child being given/taking
Framework for
the medicine + 25 years
Early Years
Foundation
Stage September
2014 – Page 25
NOT PROTECTIVELY MARKED
KCC
Retention
Schedule
Reference
Number
CS1.7.4
CS1.7.5
CS1.7.6
7
IMTKE1
Records to be kept by Registered Persons - All Cases
Basic file description
Data
Statutory
Prot
Provisions
Issues
Retention Period
[operational]
IMTKE1.7 Records of transfer
Y
IMTKE1.8 Portfolio of work, observations and
so on
IMTKE1.9 Birth certificates
Y
One copy is to be given to the
parents, one copy transferred to
the Primary School where the child
is going
To be sent home with the child
IMTKE2
Y
Once the setting has had sight of
the birth certificate and recorded
the necessary information the
original can be returned to the
parents. There is no requirement to
keep a copy of the birth certificate.
KCC
Retention
Schedule
Reference
Number
CS1.7.7
CS1.7.8
CS1.7.9
Records to be kept by Registered Persons - Day Care
Basic file description
Data
Statutory
Prot
Provisions
Issues
NOT PROTECTIVELY MARKED
Retention Period
[operational]
KCC
Retention
Schedule
Reference
Number
8
IMTKE2
Records to be kept by Registered Persons - Day Care
Basic file description
Data
Statutory
Prot
Provisions
Issues
Retention Period
[operational]
IMTKE2.1 The name and address and telephone
number of the registered person and
every other person living or employed
on the premises
Y
See IMTKE2 below
IMTKE2.2 A statement of the procedure to be
followed in the event of a fire or
accident
N
IMTKE2.3 A statement of the procedure to be
followed in the event of a child being
lost or not collected
N
IMTKE2.4 A statement of the procedure to be
followed where a parent has a
complaint about the service being
provided by the registered person
N
Statutory Framework
for Early Years
Foundation Stage
September 2014 –
Page 31
Statutory Framework
for Early Years
Foundation Stage
September 2014 –
Page 27
Statutory Framework
for Early Years
Foundation Stage
September 2014 –
Page 30
Statutory Framework
for Early Years
Foundation Stage
September 2014 –
Page 30 to 31
NOT PROTECTIVELY MARKED
KCC
Retention
Schedule
Reference
Number
CS1.7.10
Procedure superseded + 7
years
CS1.7.11
Procedure superseded + 7
years
CS1.7.12
Until superseded
CS1.7.13
9
IMTKE2
Records to be kept by Registered Persons - Day Care
Basic file description
IMTKE2.5 A statement of the arrangements in
place for the protection of children,
including arrangements to safeguard
the children from abuse or neglect and
procedures to be followed in the event
of allegations of abuse or neglect
IMTKE3
IMTKE3.2
IMTKE3.3
Retention Period
[operational]
N
Closure of setting + 50
years
[These could be required
to show whether or not an
individual child attended
the setting in a child
protection investigation]
Statutory Framework
for Early Years
Foundation Stage
September 2014 –
Page 16-17
KCC
Retention
Schedule
Reference
Number
CS1.7.14
Other Records - Administration
Basic file description
IMTKE3.1
Data
Statutory
Prot
Provisions
Issues
Financial records –
accounts, statements,
invoices, petty cash etc
Insurance policies –
Employers Liability
Claims made against
insurance policies – damage
to property
Data
Statutory
Prot
Provisions
Issues
N
Retention Period
[operational]
N
The policies are kept for a minimum of
6 years and a maximum of 40 years
depending on the type of policy
Y
Employers
Liability
Financial
Regulations
KCC Retention
Schedule
Reference Number
Current year + 6 years
Case concluded + 3 years
NOT PROTECTIVELY MARKED
10
IMTKE3
Other Records - Administration
Basic file description
IMTKE3.4
Claims made against
insurance policies – personal
injury
IMTKE3.5 Personal Files - records
relating to an individual’s
employment history
IMTKE3.6 Pre-employment vetting
information (including CRB
checks)
IMTKE3.7 Staff training records –
general
IMTKE3.8 Training (proof of completion
such as certificates, awards,
exam results)
IMTKE3.9 Premises files (relating to
maintenance)
IMTKE3.10 Risk Assessments
Data
Statutory
Prot
Provisions
Issues
Y
Retention Period
[operational]
Y
Termination + 6 years then review
N
DBS
guidelines
Case concluded + 6 years
Date of check + 6 months
Y
Current year + 2 years
Y
Last action + 7 years
N
Cessation of use of building + 7 years
then review
Current year + 3 years
N
KCC Retention
Schedule
Reference Number
NOT PROTECTIVELY MARKED
11
7.
Review of Toolkit
This toolkit will be reviewed when required.
8.
Information, Advice and Guidance
Further information relating to records management, information security and
information sharing can be found via the following links:
http://www.kelsi.org.uk/school_management/day-today_administration/access_to_information/records_management.aspx.
Useful Contacts
Advice on records management, please contact
Elizabeth Barber - Records Manager
03000 415812
Advice on information security and sharing, please
contact Michelle Hunt - Information Governance
Specialist
03000 416286
elizabeth.barber@kent.gov.uk
michelle.hunt@kent.gov.uk
.
NOT PROTECTIVELY MARKED
12
Related documents
Session 3 Approaches for risk retention and risk transfer
Session 3 Approaches for risk retention and risk transfer
Records Retention and Disposition Schedule (Page 1)
Records Retention and Disposition Schedule (Page 1)
Timeline for Processing Retentions
Timeline for Processing Retentions
*Perfect Pet* Vocabulary Words
*Perfect Pet* Vocabulary Words
Retention time line – rev 2014
Retention time line – rev 2014
Student Development Committees 2014
Student Development Committees 2014
Legal Reasoning, Research and Writing
Legal Reasoning, Research and Writing
Download
advertisement