✅📃 An MIS (management information system) is a critical part of the school's day to day operations and digital infrastructure.  They can be on premise or in the cloud, which means contract terms can differ.  We highlight the latest guidance alongside what is already data protection law - you should follow this, even if you are procuring your MIS through your local authority or third party IT provider.
There are several standards and laws that schools need to consider when procuring a new MIS:

✅Data Protection Law.

           ⚖️ Supplier due diligence - ensure appropriate due diligence has been completed.  If you are working with a third party IT supplier or local authority you still have the responsibility of doing any due diligence yourself as the controller of the data.  You may wish to check with your DPO if any due diligence has been completed on any of the MIS systems you are considering, ultimately it is your responsibility to understand any risks.  You might want to do further due diligence on an existing MIS system if there are significant changes in the latest version, such as integrating AI or moving to the cloud version.

           ⚖️ Records Management - ensure you understand what records may need to be transferred to the new MIS system and where the housekeeping routines and data retention schedule is best applied so that you are only keeping the data that you need according to data protection law.  Review: Considerations when migrating to a new MIS

✅The DfE Digital Standards

Ask your SLT Digital Lead to give you guidance in answering the required standards when procuring a new MIS or upgrading a current one. Review the following standards as part of your digital procurement for hardware, software and services:

           🛡️ Cyber Security Standards
           🛡️ Cloud Solutions Standards
           🛡️ Server & Storage Standards

One of the key points in the DfE Digital Standards is that it is the School's responsibility to ask the questions about whether systems, software or hardware meets the standard, not the responsibility of the third party providing it.

📃Contract terms

The DfE highlights the need to check changes in terms and conditions that may happen mid contract and be wary of accepting these when using an existing product as this could enter you in to increased costs or a longer term contract.  Contracts may be affected if a school becomes an academy.

⚙️Support Services

It is essential to have support services in place when using an MIS, so you should check the terms and conditions as part of the contract.  Sometimes it is an additional cost.  Learning to use the MIS correctly ensures there is appropriate access control and personal data is stored securely and accurately. 
When reviewing the support services, check the level of support provided and hours as this will help mitigate risk to business continuity.

If you want to know more about the DfE Digital Standards or Supplier Due Diligence then come and join us on one of our webinars:  👉  DPE Events for All or email us 📧 This email address is being protected from spambots. You need JavaScript enabled to view it.  for more information.