Data Security and Electronic Signatures
Data Security must be carefully considered when handling information about Kids. Whilst we have the standard policies in place, below is a bit more about how we manage this important aspect.
When a School or Organization decides to use CloudeNotes the data they may upload will include the Name of the Student, their Date of Birth and email address of at least one of their Parents or Caregivers. After that, a CloudeNote can be sent to a Parent/Caregiver and they in turn can view it online. Remember, the Parent/Caregiver can only register on CloudeNotes after receiving an Invitation from the Organization. They do not need to register to view the CloudeNote, however they will need to join to reply electronically their Consent/Non-Consent. Should they choose to join CloudeNotes – then they will be able to add some particulars about themselves and their Child. This is entirely optional. If they do, then those particulars will be visible to that Organization.
So what particulars are we talking about? Well for starters, Parents/Caregivers can add their name, address, and contact details. They can add information about their Child such as allergies or special needs – again this is optional. All this will be visible to the Organization that they have entrusted with the care and development of their Child.
All Data pertaining to Australia Organizations are stored in servers located in Australia. In addition we have encryption protocols in place where one Organizations Data will never be accessible by another. We will never sell, rent or allow Data to be mined for any purpose. We also perform regular penetration testing and have intrusion management and vulnerability protocols in place.
All Data is backed up on a regular basis. At anytime the backup can be activated should it be required. Just contact us.
In the event of an unlikely Data Breach – we have in place a notification system that will advise you immediately. We will also advise what we are doing about it.
CloudeNote Data Security
Every time an Organization sends a CloudeNote, an encrypted link is generated. The Recipient, receiving the email must click on the link to view the CloudeNote online. When a Parent/Caregiver wishes to reply to a CloudeNote or pay an amount listed – they would first need to register on CloudeNotes. This can only be done if they have been Invited to join by the Organization.
Once the Recipient has joined – that CloudeNote is further encrypted to be viewable by that Recipient. The CloudeNote URL specific to the Parent, is encrypted in such a way that without the authorized Login, that link can not be viewed by any other unauthorized person(s). To reply to the CloudeNote they would need to login. If the Recipient has enabled “remember me” on their device they will automatically see their CloudeNote. Of course, Parents/Caregivers would be responsible for the devices they use and securing their login credentials.
Our Secure Socket Layer further encrypts data being transferred between parties, thereby minimizing a breach or browser based attacks.
Did you know that the first example of electronic signatures was officially recorded in the 1800’s using Morse Code. In 1869 the New Hampshire Supreme Court accepted the legality of a telegraphic message as an electronic signature. More recently here in Australia, legislation like the Electronic Transactions Act 1999 deals with Electronic Signatures. (see Section 10)
How we deal with Electronic Signatures is as follows:
Before Invitations are sent, each Organization should ensure the Parent/Caregiver details are correct as they are then identified as an authorized person responsible for their Child. Once a Parent/Caregiver joins CloudeNotes, they create a password protected Login. Once this is in place, they are then able to reply an Electronic Consent or Non Consent. If the Parent/Caregiver does not join, they can still print out the CloudeNote and sign it for handing back to the Organization.