Requirement for "Responsible for Information - General User"

A while back staff were required to pass Protecting Data Level 1 to access Bader. Obviously “Protecting Data” exams have now gone.
We have Responsible for Information - General User available on ultilearn.

Can anyone point me to documentation that states what, if any, requirements now exist in order to access bader.

Badger sysops make no reference to training or requirements.

Are you in Essex Wing? We had this email last night!

“Responsible for Information” is the replacement for “Protecting Information”. It replaced it over a year ago actually.

My wing’s routine orders, issued just a few minutes ago, reference “Protecting Information Lvl 1”

Was there a corps-wide notification of the change to this course? I am pretty sure I have heard nothing about it except on here.

I don’t think that it’s specifically BADER; it covers all types of information such as 3822As, consent forms, etc as well.

Unfortunately a lost of people still call it “protecting information”. Protecting information became obsolete when the security classification system changed. I did my first Responsible for Information test in 2015.

I’ve never met anyone who’s done this unless they need it for their real jobs.

Once upon a time we had to renew this annualy but I am sure that has been dropped. I would like to see the document that mandates us (all staff, staff cadets etc…) to do this course. Can anyone point me at it?

Bader sysops no longer references it.

Interesting, because the BADER team are very keen to tell everyone that BADER is accredited and WESTMINSTER is not, but RFI is very strictly enforced on WESTMINSTER and if you go out of date (yes, it’s one year) your account is locked.

It is an MOD requirement for you to do it if you have access to any personal data - which of course you do on SMS.

But you have access to information other than via electronic systems, which makes it pointless. Schools have much more detailed information about children than we ever do or would and when I asked teachers about this they don’t do it.

If you have access to things like bank account details and NI numbers, I can understand it, but we don’t.

It would be interesting to know what other groups / organisations do and I’m not speaking just youth and take our lead from them, rather than trying to be supposedly ‘better’, because a bunch of MoD paper shufflers get a bug up their backsides. Just because we tick a box, it doesn’t improve or increase activity delivery.

These things like this are fine if it’s your day job you are sent on a course or given the time to do it.

No, but lots of schools have rather an Achilles heel where data protection is concerned. I don’t think we should necessarily lower the cadet forces to that standard…

1 Like

“Accredited” by who and for what?

Explain. I’ve never heard of anyone talking about data protection problems and as someone with access to SIMS, the information held is far more than what we have on Bader.

Talon - good question, they didn’t say.

Farriersaxe - depends on your school but weaknesses often include:

poor control of data download and storage outside SIMS - teacher makes own spreadsheet, for example
failure to securely delete printouts e.g. ‘trip packs’ taken off site
poor control of access levels (‘need to know’) so confidential data is visible to all users regardless of need
lack of informed consent for all uses the data is put to - collecting data for one purpose and using it for another

I think we often fall foul of the “need to know” basis in favour of ease or programming.

1 Like

This particular ‘course’ is meaningless as people will use and store information for their own use.

How many of us put together lists of emails for parents and their phone numbers? How many parents have staff contact details and where and I know people pass my contact details on.

I keep a list of cadets and DoB which calculates ages which I’ve done for years and even though it’s on SMS I don’t need to faff around logging on.

1 Like

And where do you storebthat data?

I thought it was called Information Management now… covering Official sensitive, secret and top secret?

I guess BADER and WESTMINSTER come under Defence Assurance and Information Security (DAIS)