Basic Privacy Protection 101.
Chapter 1.
Never, ever store the personal data in the same place as the person’s name.
Store the data using a numeric ID tag,and the actual name in another database, heavily encrypted, that links the name to the ID tag. The two files are not in the same database, not even in the same place (server farm). It takes two different access methods to connect the data to the name, and can only be done on the destination computer.
And why are Canadian school boards using an American service, with the data potentially being stored in a server in America, not Canada?
I work for a quasi-government organisation. In Scotland. Guess who owns the servers all our data is kept on?
Microsoft, Google and Amazon have the Bogart on server infrastructure. Basically the whole world runs off one of the three. Including a lot of governments. It was never a good idea, it was easy and convenient though. So that’s why it’s the way it is.
Sync is a Canadian owned, Canadian based cloud server. Everything is kept in Canada.
Let’s just say, the one I’ve worked at had it’s own team but someone once upon a day wanted to chop that and buy proprietary software…… then personally tweak it for use so it’s not even updated with the purchased software.
All the while half or more staff still struggle with Google Suite and general technology across ages.
Sounds like the board I worked for. They insisted on using FORD systems - Fix Or Repair Daily.
