Introduction
Prostart recognises the benefits and opportunities which new technologies offer to teaching and learning. We provide internet access to all Apprentices and learners and staff and encourage the use of technologies in order to enhance skills, promote achievement and enable lifelong learning. However, the accessibility and global nature of the internet and different technologies available mean that we are also aware of potential risks and challenges associated with such use. Our approach is to implement appropriate safeguards within Prostart while supporting staff and Apprentices and learners to identify and manage risks independently and with confidence. We believe this can be achieved through a combination of security measures, training, guidance and implementation of our policies. In furtherance of our duty to safeguard Apprentices and learners, the Every Child Matters, Safeguarding and PREVENT agenda, we will do all that we can to make our Apprentices and learners and staff stay e-safe to satisfy our wider duty of care. This e-safety policy should be read alongside other relevant policies e.g. Use of Social Media, Safeguarding & Child Protection, Prevent, Acceptable Use- Access to IT, Anti Bullying and Capability & Disciplinary.
Key People/Dates
This policy applies to all users/all Apprentices and learners and staff who have access to the IT systems, both on the premises and remotely. The Online Safety Policy applies to all use of the internet and forms of electronic communication such as email, mobile phone and social media sites. Online safety is an integral part of safeguarding and requires a whole, cross-curricular approach and collaboration between key leads. Accordingly, this policy is written in line with ‘Keeping Children Safe in Education’ 2023 (KCSIE), ‘Teaching Online Safety in Schools’, statutory RSHE guidance and other statutory documents. Any issues and concerns with online safety must always follow Prostart’s safeguarding and child protection procedures.
Current Online Safeguarding Trends
Self-generative artificial intelligence has been a significant change, with students having often unfettered access to tools that generate text and images at home or in school. These tools not only represent a challenge in terms of accuracy when young people are genuinely looking for information, but also in terms of plagiarism for teachers and above all safety: none of the mainstream tools have end-user safety settings, most have an age limit of 13 or even 18 and in spite of basic rude words not delivering results, will easily produce inappropriate material. Educational establishments not only need to tackle this in terms of what they have to deal with, but also educating young people and their parents on use of these tools in the home.
The continued cost-of-living crisis has meant that children have spent more time online and therefore exposed to all manner of online harms as families have had to cut back on leisure activities and the public provision of free activities for young people has reduced further.
Against this background, the Ofcom ‘Children and parents: media use and attitudes report 2023’ has shown that YouTube remains the most used site or app among all under 18s and the reach of WhatsApp, TikTok and Snapchat increased yet further. We recognise that many of our children and young people are on these apps regardless of age limits, which are often misunderstood or ignored. We therefore remember to remind about best practice while remembering the reality for most of our students is quite different.
This is striking when you consider that over 95 percent of students have their own mobile phone by the end of Year 7, and the vast majority do not have safety controls or limitations to prevent harm of access to inappropriate material. This is particularly pertinent given that 130,556 cases of self-generated child sexual abuse material were found of 11-13 year olds (Internet Watch Foundation Annual Report). These were predominantly (but importantly not only) girls; it is important also to recognise more and more older teenage boys being financially extorted after sharing intimate pictures online.
In the past year, more and more children and young people used apps such as snapchat as their source of news and information, with little attention paid to the veracity of influencers sharing news. The 2023 Revealing-Reality: Anti-social-Media Report highlights that this content is interspersed with highly regular exposure to disturbing, graphic and illegal content such as fights, attacks, sexual acts and weapons. At the same time, the Children’s Commissioner revealed the ever-younger children are regularly consuming pornography and living out inappropriate behaviour and relationships due to ‘learning from’ pornography. This has coincided with the rise of misogynistic influencers such as Andrew Tate, which had a significant influence on many young boys over the past year which schools have had to counter.
From the many schools that LGfL spoke to over the past year, there was a marked increase in the number of schools having issues with fights being filmed and shared, a disturbing increase in the cases of self-harm and sexual abuse being coerced with threats of violence (many even in primary schools).
There has been a significant increase in the number of fake profiles causing issues in schools, both for schools – where the school logo and/or name have been used to share inappropriate content about students and also spread defamatory allegations about staff, and also for students, including where these are used to bully others (sometimes even pretending to be one student to bully a second student).
This policy aims to promote Prostart’s approach to online safety by:
- Setting out expectations for all Prostart’s community members’ online behaviour, attitudes and activities and use of digital technology (including when devices are offline)
- Helping safeguarding and senior leadership teams to have a better understanding and awareness of all elements of online safeguarding through effective collaboration and communication with technical colleagues (e.g. for filtering and monitoring), curriculum leads
- Helping all stakeholders to recognise that online/digital behaviour standards (including social media activity) must be upheld beyond the confines of the building and day, regardless of device or platform, and that the same standards of behaviour apply online and offline.
- Facilitating the safe, responsible, respectful and positive use of technology to support teaching & learning, increase attainment and prepare children and young people for the risks and opportunities of today’s and tomorrow’s digital world, to survive and thrive online
- Helping staff working with learners to understand their roles and responsibilities to work safely and responsibly with technology and the online world:
- for the protection and benefit of young people in their care, and
- for their own protection, minimising misplaced or malicious allegations and to better understand their own standards and practice
- for the benefit of Prostart, supporting our ethos, aims and objectives, and protecting our reputation and profession
- Establishing clear structures by which online misdemeanours will be treated, and procedures to follow where there are doubts or concerns (with reference to other school policies such as Behaviour Policy or Anti-Bullying Policy)
Roles and Responsibilities
In 2023/2024, it is vital that all members understand their responsibilities and those of others when it comes to filtering and monitoring. All staff have a key role to play in feeding back on potential issues.
At Prostart we recognise that online safety and broader digital resilience must be thread throughout the curriculum. Annual reviews of curriculum plans / schemes of work (including for SEND pupils) are used as an opportunity to include in its key areas of Self-image and Identity, Online relationships, Online reputation, Online bullying, Managing online information, Health, Wellbeing and lifestyle, Privacy and security, and Copyright and ownership.
Handling Safeguarding Concerns and Incidents
Prostart procedures for dealing with online safety will be mostly detailed in the following policies
- Safeguarding and Child Protection Policy
- Sexual Harassment / Child-on-Child Abuse Policy (if separate)
- Anti-Bullying Policy
- Behaviour Policy (including sanctions)
- Acceptable Use Policies
- Prevent Risk Assessment / Policy
- Data Protection Policy, agreements and other documentation (e.g. privacy statement and consent forms for data sharing, image use etc)
- Cybersecurity
Any suspected online risk or infringement should be reported to the online safety lead / designated safeguarding lead on the same day – where clearly urgent, it will be made by the end of the lesson.
Any concern/allegation about staff misuse is always referred directly to the MD, unless the concern is about the MD in which case the complaint is referred the LADO (Local Authority’s Designated Officer). Staff may also use the NSPCC Whistleblowing Helpline.
Prostart will actively seek support from other agencies as needed (i.e. the local authority, LGfL, UK Safer Internet Centre’s Professionals’ Online Safety Helpline (POSH), NCA CEOP, Prevent Officer, Police, IWF and Harmful Sexual Behaviour Support Service). The DfE guidance Behaviour in Schools, advice for headteachers and school staff September 2022 provides advice and related legal duties including support for pupils and powers of staff when responding to incidents – see pages 32-34 for guidance on child on child sexual violence and harassment, behaviour incidents online and mobile phones.
We will inform parents/carers of online-safety incidents involving their children, and the Police where staff or pupils engage in or are subject to behaviour which we consider is particularly concerning or breaks the law (particular procedures are in place for sexting and upskirting; see section below).
Actions where there are concerns (taken from KCSIE)
Sexting sharing nudes and semi-nudes
All schools (regardless of phase) should refer to the UK Council for Internet Safety (UKCIS) guidance on sexting – now referred to as Sharing nudes and semi-nudes: advice for education settings to avoid unnecessary criminalisation of children. NB – where one of the parties is over 18, this is no longer sexting but child sexual abuse.
There is a one-page overview called Sharing nudes and semi-nudes: how to respond to an incident for all staff (not just classroom-based staff) to read, in recognition of the fact that it is mostly someone other than the designated safeguarding lead (DSL) or online safety lead to first become aware of an incident, and it is vital that the correct
steps are taken. Staff other than the DSL must not attempt to view, share or delete the image or ask anyone else to do so, but to go straight to the DSL.
The school DSL will in turn use the full guidance document, Sharing nudes and semi-nudes – advice for educational settings to decide next steps and whether other agencies need to be involved.
*Consider the 5 points for immediate referral at initial review:
1. The incident involves an adult
2. There is reason to believe that a child or young person has been coerced, blackmailed or groomed, or there are concerns about their capacity to consent (for example, owing to special educational needs)
3. What you know about the images or videos suggests the content depicts sexual acts which are unusual for the young person’s developmental stage, or are violent
4. The images involves sexual acts and any pupil in the images or videos is under 13
5. You have reason to believe a child or young person is at immediate risk of harm owing to the sharing of nudes and semi-nudes, for example, they are presenting as suicidal or self-harming
It is important that everyone understands that whilst sexting is illegal, learners can come and talk to members of staff if they have made a mistake or had a problem in this area.
The documents referenced above and materials to support teaching about sexting can be found at sexting.lgfl.net
Upskirting
It is important that everyone understands that upskirting (taking a photo of someone under their clothing, not necessarily a skirt) is now a criminal offence and constitutes a form of sexual harassment as highlighted in Keeping Children Safe in Education. As with other forms of child on child abuse learners can come and talk to members of staff if they have made a mistake or had a problem in this area.
Bullying
Online bullying, including incidents that take place outside Prostart or from home should be treated like any other form of bullying and the Anti- bullying policy should be followed for online bullying, which may also be referred to as cyberbullying, including issues arising from banter.
It is important to be aware that in the past 12 months there has been an increase in anecdotal reports of fights being filmed and fake profiles being used to bully young people in the name of others. When considering bullying, staff will be reminded of these issues.
Materials to support teaching about bullying and useful Department for Education guidance and case studies are at bullying.lgfl.net
Child-on-child sexual violence and sexual harassment
Any incident of sexual harassment or violence (online or offline) should be reported to the DSL who will follow the full guidance. Staff should work to foster a zero-tolerance culture and maintain an attitude of ‘it could happen here’. The guidance stresses that all forms of sexual violence and harassment must be taken seriously, explaining how it exists on a continuum and that behaviours incorrectly viewed as ‘low level’ are treated seriously and not allowed to perpetuate. The document makes specific reference to behaviours such as bra-strap flicking and the careless use of language.
In the online environment, the recent proliferation of misogynistic content is particularly relevant when it comes to considering reasons for and how to combat this kind of behaviour.
Misuse of technology (devices, systems, networks or platforms)
Clear and well communicated rules and procedures are essential to govern learner and staff use of school networks, connections, internet connectivity and devices, cloud platforms and social media (both when on l site and outside).
These are defined in the relevant Acceptable Use Policy as well as in this document, for example in the sections relating to the professional and personal use of school platforms/networks/clouds, devices and other technology, as well as to BYOD (bring your own device) policy.
Where pupils contravene these rules, the behaviour policy will be applied; where staff contravene these rules, action will be taken as outlined in the staff code of conduct/handbook.
Social Media Incidents (See Social Media Policy)
Breaches will be dealt with in line with the behaviour policy (for learners) or code of conduct/handbook (for staff).
Further to this, where an incident relates to an inappropriate, upsetting, violent or abusive social media post Prostart will request that the post be deleted and will expect this to be actioned promptly.
Where an offending post has been made by a third party, Prostart may report it to the platform it is hosted on, and may contact the Professionals’ Online Safety Helpline, POSH, (run by the UK Safer Internet Centre) for support or help to accelerate this process.
Data protection and cybersecurity
All learners, staff and parents/carers are bound by Prostart’s data protection and cybersecurity policy. It is important to remember that there is a close relationship between both data protection and cybersecurity and our ability to effectively safeguard children. KCSIE also refers to the DfE Standards of Cybersecurity for the first time in 2023.
Remember that data protection does not prevent, or limit, the sharing of information for the purposes of keeping children safe. As outlined in Data protection in schools, 2023, “It’s not usually necessary to ask for consent to share personal information for the purposes of safeguarding a child.” And in KCSIE 2023, “The Data Protection Act 2018 and UK GDPR do not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to safeguard and promote the welfare and protect the safety of children.”
Appropriate filtering and monitoring
Since KCSIE 2023, in recognition of the importance of these systems to keeping children safe, the designated safeguarding lead now has lead responsibility for filtering and monitoring (see page 1 for the DSL name and the named governor with responsibility for filtering and monitoring).
New DfE filtering and monitoring standards, which require the following:
- identify and assign roles and responsibilities to manage filtering and monitoring systems
- review filtering and monitoring provision at least annually
- block harmful and inappropriate content without unreasonably impacting teaching and learning
- have effective monitoring strategies in place that meet their safeguarding needs
ALL STAFF need to be aware of the changes and renewed emphasis and play their part in feeding back about areas of concern, potential for students to bypass systems and any potential overblocking. They can submit concerns at any point via Matt Vaughan and will be asked for feedback at the time of the regular checks which will now take place.
Staff will be reminded of the systems in place and their responsibilities at induction and start of year safeguarding as well as via AUPs and regular training reminders in the light of the annual review (done as part of the Safeguarding Report) and regular checks that will be carried out.
At Prostart
- web filtering is provided by Senso at Prostart
- changes can be made by Matt Vaughan
- overall responsibility is held by the DSL
- technical support and advice, setup and configuration are from Matt Vaughan
- regular checks are made weekly by Matt Vaughan to ensure filtering is still active and functioning everywhere. These are evidenced Senso reports/ log
- an annual review is carried out as part of the Safeguarding Report
In addition the following is used:-
- physically monitoring by staff watching screens of users
- network monitoring using log files of internet traffic and web access
Messaging authorised systems
- Learners communicate with each other and with staff using personal, Prostart or work e-mail
- Staff use the email system provided by Outlook, they never use a personal/private email account (or other messaging platform) to communicate with children or parents, or to colleagues when relating to school/child data, using a non-school-administered system.
- Staff use Outlook to communicate with learners and parents/ carers and other members of staff
Any systems above are centrally managed and administered by Prostart (i.e. they can be monitored/audited/viewed centrally; are not private or linked to private accounts). This is for the mutual protection and privacy of all staff, pupils and parents, supporting safeguarding best-practice, protecting children against abuse, staff against potential allegations and in line with UK data protection legislation.
Any unauthorised attempt to use a different system may be a safeguarding concern or disciplinary matter and should be notified to the DSL (if by a child) or to the MD (if by a staff member).
Where devices have multiple accounts for the same app, mistakes can happen, such as an email being sent from or data being uploaded to the wrong account. If this a private account is used for communication or to store data by mistake, the DSL/Headteacher/DPO (the particular circumstances of the incident will determine whose remit this is) should be informed immediately.
Behaviour/ Usage
- Appropriate behaviour is expected at all times, and the system should not be used to send inappropriate materials or language which is or could be construed as bullying, aggressive, rude, insulting, illegal or otherwise inappropriate, or which (for staff) might bring Prostart into disrepute or compromise the professionalism of staff.
- Data protection principles will be followed at all times when it comes to all Prostart communications, in line with the school Data Protection Policy and only using the authorised systems mentioned above.
- Pupils and staff are allowed to use the email system for reasonable (not excessive, not during lessons) personal use but should be aware that all use is monitored, their emails may be read and the same rules of appropriate behaviour apply at all times. Emails using inappropriate language, images, malware or to adult sites may be blocked and not arrive at their intended destination (and will be dealt with according to the appropriate policy and procedure).
Online Storage or Learning Platforms
All the principles outlined above also apply to any system to which you log in online to conduct school business, whether it is to simply store files or data (an online ‘drive’) or collaborate, learn, teach, etc.
Prostart has a clear cybersecurity and data protection policy which staff, governors and volunteers must follow at all times.
Website
The website is a key public-facing information portal for the community (both existing and prospective stakeholders) with a key reputational value. The MD has delegated the day-to-day responsibility of updating the content of the website and ensuring compliance with DfE stipulations to Matt Vaughan
Where staff submit information for the website, they are asked to remember they have the same duty as any person or organisation to respect and uphold copyright law. Sources must always be credited and material only used with permission.
Digital Images and videos
When a learner joins, parents/carers are asked if they give consent for their child’s image to be captured in photographs or videos, for what purpose (beyond internal assessment, which does not require express consent) and for how long. Parents answer as follows:
- For case studies/the newsletter
- For social media
- For a specific high-profile image for display or publication
Whenever a photo or video is taken/made, the member of staff taking it will check the latest database before using it for any purpose.
Any pupils shown in public facing materials are never identified with more than first name (and photo file names/tags do not include full names to avoid accidentally sharing them
All staff are governed by their contract of employment and the Acceptable Use Policy, which covers the use of mobile phones/personal equipment for taking pictures of pupils, and where these are stored. Members of staff may occasionally use personal phones to capture photos or videos of pupils, but these will be appropriate, linked to relevant activities, taken without secrecy and not in a one-to-one situation, and always moved to Prostart storage as soon as possible, after which they are deleted from personal devices or cloud services Photos are stored on Cloud in line with the retention schedule of the school Data Protection Policy.
Staff and parents are reminded annually about the importance of not sharing without permission, due to reasons of child protection (e.g. looked-after children often have restrictions for their own protection), data protection, religious or cultural reasons, or simply for reasons of personal privacy. We encourage young people to think about their online reputation and digital footprint, so we should be good adult role models by not oversharing (or providing embarrassment in later life – and it is not for us to judge what is embarrassing or not).
Learners are advised to be very careful about placing any personal photos on social media. They are taught to understand the need to maintain privacy settings so as not to make public, personal information.
Learners are taught that they should not post images or videos of others without their permission. We teach them about the risks associated with providing information with images (including the name of the file), that reveals the identity of others and their location. We teach them about the need to keep their data secure and what to do if they / or a friend are subject to bullying or abuse.
Device Usage
AUPs remind those with access to Prostart devices about rules on the misuse of school technology – devices used at home should be used just like if they were in full view of a teacher or colleague. Please read the following in conjunction with those AUPs and the sections of this document which impact upon device usage, e.g. copyright, data protection, social media, misuse of technology, and digital images and video.
Personal devices including wearable technology and bring your own device (BYOD)
- Learner are allowed to bring mobile phones in for emergency use only / may use mobile phones during lunch break. During lessons, phones must remain on silent. Any attempt to use a phone in sessions without permission or to take illicit photographs or videos will lead to internal exclusion (See Behaviour Policy) the withdrawal of mobile privileges. Important messages and phone calls to or from parents can be made at the office, which will also pass on messages from parents to learners in emergencies.
- All staff who work directly with learners should leave their mobile phones on silent and only use them in private staff areas during working hours. See also the ‘Digital images and video’ section of this document and the school data protection cybersecurity policies. Child/staff data should never be downloaded onto a private phone.
- Volunteers, contractors, governors should leave their phones in their pockets and turned off. Under no circumstances should they be used in the presence of children or to take photographs or videos. If this is required (e.g. for contractors to take photos of equipment or buildings), permission of the MD should be sought and this should be done in the presence of a member staff.
- Parents are asked to leave their phones in their pockets and turned off when they are on site. They should ask permission before taking any photos, e.g. of displays in corridors or training rooms, and avoid capturing other learners. Parents are asked not to call learners on their mobile phones during the school day; urgent messages can be passed via the office.
Use of Prostart Devices
Staff and learners are expected to follow the terms of the l acceptable use policies for appropriate use and behaviour when on Prostart devices, whether on site or at home.
Prostart devices are not to be used in any way which contravenes AUPs, behaviour policy / staff code of conduct.
Wifi is accessible to staff with guest network login for personal devices learner-related internet use / limited personal use within the framework of the acceptable use policy. All such use is monitored.
Prostart devices for staff or learners are restricted to the apps/software installed by Prostart, whether for use at home or Prostart, and may be used for learning and reasonable and not allowed for personal use
All and any usage of devices and/or systems and platforms may be tracked.
In line with the DfE guidance ‘Searching, screening and confiscation: advice for schools’, the MD and staff authorised by them have a statutory power to search learners/property on school premises. This includes the content of mobile phones and other devices, for example as a result of a reasonable suspicion that a device contains illegal or undesirable material, including but not exclusive to sexual images, pornography, violence or bullying.
Full details of the school’s search procedures are available in the school Behaviour Policy.
All staff should sign and follow the staff acceptable use policy in conjunction with this policy, the school’s main safeguarding policy, the code of conduct/handbook and relevant parts of Keeping Children Safe in Education to support a whole-school safeguarding approach.
This includes reporting any concerns, no matter how small, to the designated safety lead as named in the AUP, maintaining an awareness of current online safety issues (see the start of this document for issues in 2023) and guidance (such as KCSIE), modelling safe, responsible and professional behaviours in their own use of technology at school and beyond and avoiding scaring, victim-blaming language.
Staff should also be aware of the new DfE standards and relevant changes to filtering and monitoring and play their part in feeding back about overblocking, gaps in provision or pupils bypassing protections.
MD Key responsibilities:
- Foster a culture of safeguarding where online-safety is fully integrated into safeguarding
- Oversee and support the activities of the designated safeguarding lead team and ensure they work technical colleagues to complete an online safety audit in line with KCSIE
- Undertake training in offline and online safeguarding, in accordance with statutory guidance and Local Safeguarding Children Partnership support and guidance
- Ensure ALL staff undergo safeguarding training (including online-safety) at induction and with regular updates and that they agree and adhere to policies and procedures
- Ensure the Governance Officer undergo safeguarding and child protection training and updates (including online-safety) to provide strategic challenge and oversight into policy and practice and that governors are regularly updated on the nature and effectiveness of the school’s
- Ensure implementation makes effective use of appropriate ICT systems and services including safe filtering and monitoring, protected email systems and that all technology including remote systems are implemented according to child-safety first principles
- Better understand, review and drive the rationale behind decisions in filtering and monitoring as per the new DfE standards—through regular liaison with technical colleagues and the DSL– in particular understand what is blocked or allowed for whom, when, and how as per KCSIE.
- In 2023/4 this will involve starting regular checks and annual reviews, upskilling the DSL and appointing a filtering and monitoring governor
- Liaise with the designated safeguarding lead on all online-safety issues which might arise and receive regular updates on school issues and broader policy and practice information
- Support safeguarding leads and technical staff as they review protections for learners in the home and remote-learning procedures, rules and safeguards
- Take overall responsibility for data management and information security ensuring the provision follows best practice in information handling; work with the DPO, DSL and Governance Officer to ensure a compliant framework for storing data, but helping to ensure that child protection is always put first and data-protection processes support careful and legal sharing of information
- Understand and make all staff aware of procedures to be followed in the event of a serious online safeguarding incident
- Ensure suitable risk assessments are undertaken so the curriculum meets needs of pupils, including risk of children being radicalised
- Ensure the school website meets statutory requirements
DSL/ Online Safety Lead Key responsibilities
- The DSL should “take lead responsibility for safeguarding and child protection (including online safety and understanding the filtering and monitoring systems and processes in place).
- Ensure an effective approach to online safety as per KCSIE
- In 2023/4 working to take up the new responsibility for filtering and monitoring by working closely with technical colleagues, SLT and the Governance Officer to learn more about this area, better understand, review and drive the rationale behind systems in place and initiate regular checks and annual reviews, including support for devices in the home
- Where online-safety duties are delegated and in areas of the curriculum where the DSL is not directly responsible but which cover areas of online safety, ensure there is regular review and open communication and that the DSL’s clear overarching responsibility for online safety is not compromised or messaging to learners confused
- Ensure ALL staff and supply staff undergo safeguarding and child protection training (including online-safety) at induction and that this is regularly updated.
- In 2023/4 this must include filtering and monitoring and help them to understand their rolesall staff must read KCSIE Part 1 and all those working with children also Annex B cascade knowledge of risks and opportunities throughout the organisation
- safecpd.lgfl.net has helpful CPD materials including PowerPoints, videos and more
- Ensure the Governance Officer undergo safeguarding and child protection training (including online-safety) at induction to enable them to provide strategic challenge and oversight into policy and practice and that this is regularly updated
- Take day-to-day responsibility for safeguarding issues and be aware of the potential for serious child protection concerns
- Be mindful of using appropriate language and terminology around young people when managing concerns, including avoiding victim-blaming language
- Remind staff of safeguarding considerations as part of a review of remote learning procedures and technology, including that the same principles of online-safety and behaviour apply
- Work closely with SLT, staff and technical colleagues to complete an online safety audit (including technology in use in the school)
- Work with the MD, DPO and Governance Officer to ensure a compliant framework for storing data, but helping to ensure that child protection is always put first and data-protection processes support careful and legal sharing of information
- Stay up to date with the latest trends in online safeguarding and “undertake Prevent awareness training.”
- to the governors/trustees.
- Receive regular updates in online-safety issues and legislation, be aware of local and school trends
- Ensure that online-safety education is embedded across the curriculum
- Promote an awareness of and commitment to online-safety throughout the school community, with a strong focus on parents, including hard-to-reach parents – dedicated resources on our parents page
- Communicate regularly with SLT to discuss current issues (anonymised), review incident logs and filtering/change control logs and discuss how filtering and monitoring work and have been functioning/helping.
- Ensure all staff are aware of the procedures that need to be followed in the event of an online safety incident, and that these are logged in the same way as any other safeguarding incident.
- Ensure adequate provision for staff to flag issues when not in school and for learners to disclose issues when off site, especially when in isolation/quarantine, e.g. a survey to facilitate disclosures and an online form on the school home page about ‘something that worrying me’ that gets mailed securely to the DSL inbox
- Ensure staff adopt a zero-tolerance, whole school approach to all forms of child-on-child abuse, and don’t dismiss it as banter (including bullying).
- Pay particular attention to online tutors, both those engaged by the school as part of the DfE scheme who can be asked to sign the contractor AUP,
Governance Officer Key responsibilities (quotes are taken from Keeping Children Safe in Education)
- Review and update this policy, other online safety documents (e.g. Acceptable Use Policies) and the strategy on which they are based (in harmony with policies for behaviour, safeguarding, Prevent and others) and submit for review
- Submit this policy for approval with colleagues and subsequently review its effectiveness
- Undergo safeguarding and child protection training (including online safety) at induction to provide strategic challenge and into policy and practice, ensuring this is regularly updated
- Ensure that all staff also receive appropriate safeguarding and child protection (including online) training at induction and that this is updated
- Support in encouraging parents and the wider community to become engaged in online safety activities
- Have regular strategic reviews with the online-safety coordinator / DSL and incorporate online safety into standing discussions of safeguarding
- Work with the DPO, DSL and MD to ensure a compliant framework for storing data, but helping to ensure that child protection is always put first and data-protection processes support careful and legal sharing of information
- Check all staff have read Part 1 of KCSIE; SLT and all working directly with children have read Annex B
- Ensure that all staff undergo safeguarding and child protection training (including online safety and now also reminders about filtering and monitoring
- Ensure that children are taught about safeguarding, including online safety
Coach/Tutor Key responsibilities:
- As listed in the ‘all staff’ section, plus:
- Look for opportunities to embed online safety in your subject or aspect and model positive attitudes and approaches to staff and pupils alike
- Embed consent, mental wellbeing, healthy relationships and staying safe online as well as raising awareness of the risks and challenges from recent trends in self-generative artificial intelligence, financial extortion and sharing intimate pictures online into the PSHE / Relationships education, relationships and sex education (RSE) and health education curriculum. “This will include being taught what positive, healthy and respectful online relationships look like, the effects of their online actions on others and knowing how to recognise and display respectful behaviour online.
- Consider how teaching Online Safety can be applied in your context
- Work closely with the DSL/OSL and all other staff to ensure an understanding of the issues, approaches and messaging within Computing
- Ensure subject specific action plans also have an online-safety element
Network Manager Key responsibilities:
- As listed in the ‘all staff’ section, plus:
- Collaborate regularly with the DSL and leadership team to help them make key strategic decisions around the safeguarding elements of technology.
- Note that KCSIE changes expect a great understanding of technology and its role in safeguarding when it comes to filtering and monitoring and in 2023/4 you will be required to support safeguarding teams to understand and manage these systems and carry out regular reviews and annual checks.
- Support DSLs and SLT to carry out an annual online safety audit as now recommended in KCSIE. This will include a review of technology, including filtering and monitoring systems (what is allowed, blocked and why and how ‘over blocking’ is avoided as per KCSIE) to support their role as per the new DfE standards.
- Keep up to date with the online safety policy and technical information in order to effectively carry out their online safety role and to inform and update others as relevant
- Work closely with the designated safeguarding lead / online safety lead / data protection officer curriculum lead to ensure that systems and networks reflect s policy and there are no conflicts between educational messages and practice.
- Ensure the above stakeholders understand the consequences of existing services and of any changes to these systems (especially in terms of access to personal and sensitive records / data and to systems such as YouTube mode, web filtering settings, sharing permissions for files on cloud platforms etc
- Maintain up-to-date documentation of online security and technical procedures
- To report online-safety related issues that come to their attention in line with policy
- Manage systems, networks and devices, according to a strict password policy, with systems in place for detection of misuse and malicious attack, with adequate protection, encryption and backup for data, including disaster recovery plans, and auditable access controls.
- Ensure the data protection policy and cybersecurity policy are up to date, easy to follow and practicable
- Monitor the use of school technology, online platforms and social media presence and that any misuse/attempted misuse is identified and reported in line with policy
Data Protection Officer (DPO) Key responsibilities:
- Alongside those of other staff, provide data protection expertise and training and support the DP and cybersecurity policy and compliance with those and legislation and ensure that the policies conform with each other and with this policy.
- Not prevent, or limit, the sharing of information for the purposes of keeping children safe. As outlined in Data protection in schools, 2023, “It’s not usually necessary to ask for consent to share personal information for the purposes of safeguarding a child.” And in KCSIE 2023, “The Data Protection Act 2018 and UK GDPR do not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to safeguard and promote the welfare and protect the safety of children.”
- Note that retention schedules for safeguarding records may be required to be set as ‘Very long term need (until pupil is aged 25 or older)’. However, some local authorities require record retention until 25 for all pupil records.
- Ensure that all access to safeguarding data is limited as appropriate, and also monitored and audited
Read, understand, sign and adhere to the Learner acceptable use policy
Parents/ carers Key responsibilities:
Read the learner AUP and encourage their children to follow it
Monitoring and Review
The impact of the policy will be monitored regularly with a full review being carried out annually. The policy will also be reconsidered where particular concerns are raised or where an e-safety incident has been recorded.
V4 January 24