A Summary of the Changes for Keeping Children Safe in Education 2023
We hope you find this useful! We have been through both the 2022 and the 2023 version of KCSIE and compared them to find where the changes are.
We’ve listed all of the important changes and updates here:
What staff need to know:
‘All staff should receive appropriate safeguarding and child protection training (including online safety which, amongst other things, includes an understanding of the expectations, applicable roles and responsibilities in relation to filtering and monitoring – see para 141 for further information) at induction. The training should be regularly updated. In addition, all staff should receive safeguarding and child protection (including online safety) updates (for example, via email, e-bulletins, and staff meetings), as required, and at least annually, to continue to provide them with relevant skills and knowledge to safeguard children effectively.’
1. Filtering and Monitoring:
One of the recurring themes in KCSIE 2023 is the emphasis on filtering and monitoring in schools. The document stresses the importance of all staff members understanding their duties and obligations regarding online safety. Schools are advised to reflect their approach to online safety, including appropriate filtering and monitoring on school devices and networks, in their child protection policy
‘Online safety and the school or college’s approach to it should be reflected in the child protection policy which, amongst other things, should include appropriate filtering and monitoring on school devices and school networks. …. The school or college should have a clear policy on the use of mobile and smart technology, which will also reflect the fact many children have unlimited and unrestricted access to the internet via mobile phone networks (i.e. 3G, 4G and 5G).’ (Paragraph 138).
It is reiterated that Designated Safeguarding Leads (DSLs) are in charge of this area. When assessing filtering and monitoring systems, governing bodies and owners are urged to take into account the number of children at risk and the proportionality of costs versus safety risks.
‘Whilst considering their responsibility to safeguard and promote the welfare of children and provide them with a safe environment in which to learn, governing bodies and proprietors should be doing all that they reasonably can to limit children’s exposure to the above risks from the school’s or college’s IT system. As part of this process, governing bodies and proprietors should ensure their school or college has appropriate filtering and monitoring systems in place and regularly review their effectiveness. They should ensure that the leadership team and relevant staff have an awareness and understanding of the provisions in place and manage them effectively and know how to escalate concerns when identified. Governing bodies and proprietors should consider the number of and age range of their children, those who are potentially at greater risk of harm and how often they access the IT system along with the proportionality of costs versus safeguarding risks.’ (Paragraph 141)
The document directs schools to the Department for Education's filtering and monitoring standards in Paragraph 142, which describes the expected standards for filtering and monitoring systems. Roles and responsibilities should be established, rules should be reviewed annually, harmful content should be blocked without interfering with instruction, and schools should implement effective monitoring strategies that are in line with their safeguarding requirements. In order to ensure compliance, governing bodies and owners are urged to review the standards and speak with IT professionals and service providers.
Schools are referred to additional information on filtering and monitoring by the UK Safer Internet Centre and its toolkit. Additionally, the significance of schools adhering to cyber security standards is emphasised.
Action Points for Schools:
- Review and update the school's filtering and monitoring procedures, clearly defining roles and responsibilities within these processes.
- Assign the DSL the lead role in managing online safety, ensuring they have clear procedures to address any safeguarding concerns and uphold the school's prevent duty obligations.
- Conduct regular training and provide annual updates for all staff members about their responsibilities regarding online safety, filtering, and monitoring.
- Evaluate the strength and suitability of the current cyber security measures and consider improvements where necessary.
- Ensure that the school's child protection policy adequately reflects its approach to online safety, including appropriate filtering and monitoring on school devices and school networks.
2. Retaining documents:
Documents used to verify a successful candidate's identity, employment eligibility, and required qualifications are kept in accordance with paragraph 276. The UK GDPR/DPA 2018 applies to copies of Disclosure and Barring Service (DBS) certificates and records of criminal information disclosed by candidates, even though copies of such documents may be kept in personnel files. Schools may retain copies of this data for a maximum of six months if it's necessary to comply with data protection laws. After that, it is suggested to throw away the copies and only keep a record of the vetting process was done, the conclusion, and who was employed. It is important to keep in mind that keeping DBS certificates is not necessary for maintaining the single central record.
‘Copies of documents used to verify the successful candidate’s identity, right to work and required qualifications should be kept on their personnel file as per the advice at paragraph 232. Copies of DBS certificates and records of criminal information disclosed by the candidate are covered by UK GDPR/DPA 2018 Article 10. To help schools and colleges comply with the requirements of the Data Protection Act 2018, when a school or college chooses to retain a copy, there should be a valid reason for doing so and it should not be kept for longer than six months. When the information is destroyed a school or college may keep a record of the fact that vetting was carried out, the result and the recruitment decision taken if they choose to. Schools and colleges do not have to keep copies of DBS certificates, in order to fulfil the duty of maintaining the single central record.’
Action Points for Schools:
- Review and update the school's retention and disposal policies to ensure compliance with data protection laws. This includes procedures for keeping documents verifying a candidate's identity, right to work, and required qualifications.
- Establish a standard timeframe, not exceeding six months, for retaining copies of DBS certificates and records of criminal information disclosed by the candidate.
- Develop a clear rationale for retaining these documents within the six-month window, in compliance with data protection laws.
- Create a process for securely destroying these documents after the six-month period while maintaining a record of the vetting process, the result, and the recruitment decision.
3. Outside Organisations' Use of School Sites:
Under the section on voicing concerns and handling allegations, KCSIE 2023 adds a new heading, "Use of school sites by outside organisations" (Paragraph 377), to the document. This emphasises schools' safeguarding obligations when claims are made about incidents that took place while a person or group was using school property for child-related activities (e.g., community groups, sports associations, service providers). Schools should adhere to their safeguarding policies and procedures in these situations, which include notifying the Local Authority Designated Officer (LADO).
‘Schools and colleges may receive an allegation relating to an incident that happened when an individual or organisation was using their school premises for the purposes of running activities for children (for example community groups, sports associations, or service providers that run extra-curricular activities). As with any safeguarding allegation, schools and colleges should follow their safeguarding policies and procedures, including informing the LADO.’ (Paragraph 377)
Action Points for Schools:
- Review and update safeguarding policies and procedures to include guidelines for addressing allegations related to the use of school premises by external organisations.
- Incorporate the updated safeguarding guidelines into the contracts and letting policies for outside organisations using school facilities. Ensure these procedures are clearly outlined to ensure compliance.
- Train school staff and administrators on these new procedures to ensure they understand what to do if an allegation arises related to outside organisations using the school premises.
Safer recruitment
KCSIE recommends that schools and colleges incorporate an online search into their shortlisting process as a part of due diligence on prospective candidates. This search might uncover publicly accessible incidents or issues that may require further exploration during the interview. It's also suggested that institutions should inform candidates that such online searches may be conducted as a part of the process.
‘In addition, as part of the shortlisting process schools and colleges should consider carrying out an online search as part of their due diligence on the shortlisted candidates. This may help identify any incidents or issues that have happened, and are publicly available online, which the school or college might want to explore with the applicant at interview. Schools and colleges should inform shortlisted candidates that online searches may be done as part of due diligence checks. See Part two - Legislation and the Law for information on data protection and UK GDPR.’
Possible steps include:
- Incorporate an online search of shortlisted candidates into the recruitment process. This search could be carried out on publicly accessible social media platforms, blogs, or professional networks.
- Develop a standard protocol for online due diligence checks to ensure that the process is consistent and fair for all candidates.
- Communicate clearly to shortlisted candidates about the potential of online searches as part of due diligence checks. This could be included in the recruitment materials or shared during the shortlisting notification process.