Preschools, schools, colleges and universities owe a duty of care to students and staff to create and maintain a safe environment. To do this effectively, organisations must implement comprehensive and rigorous policies, enabling them to assess and mitigate health and safety risks.
The education sector is under ever-increasing pressure, from public-sector institutions facing government budget cuts and struggling to recruit and retain staff to private facilities whose funding depends on stakeholders. Decision-makers must juggle multiple plates, from general maintenance and upkeep, budget management and professional development to employment, outsourcing and — most importantly — the welfare of students and consistent delivery of high-quality education.
Add in the unpredictability of the average working day, and carrying out a risk assessment can quickly drop down the seemingly endless list of priorities institutions must handle. But when risk management becomes a tick-box exercise — when the process is rushed and not given the care and attention it deserves — it can have a massively detrimental impact.
Conversely, conducting due diligence and implementing policies and procedures can make a real difference, boosting reputation, protecting against legal liability, positively impacting the local community and achieving better outcomes for students who can learn in a safe environment.
The Responsibilities of Educational Institutions
Responsibility #1: Maintaining Physical Safety and Security
Ensuring physical safety in a school or other educational facility is critical and can be threatened by many risks, including structural integrity, electrical issues, fire hazards and security breaches.
Structural Integrity
Buildings must be structurally sound to prevent accidents and injuries to students, staff and visitors. Achieving this requires ensuring classrooms, corridors, storage areas, and other areas are free from damage that could pose harm.
Regular inspections can identify issues such as loose or broken handrails, damaged flooring and unstable furniture and ensure the integrity of walls, ceilings and floors to prevent collapse.
Trip hazards are also a physical safety concern; these could be anything from poorly laid floor tiles that jut out and hazards such as electrical cords and wires stretched across walkways to spillages causing slippery surfaces and clutter placed in areas without clearance. Internal policies and practices such as scheduling maintenance, providing dedicated storage areas for belongings and learning materials and training staff on identifying and addressing trip hazards can help minimise risk.
Electrical Issues and Fire Hazards
Electrical and fire safety are critical aspects of risk management in education. Proper electrical maintenance will identify faulty outlets and damaged wires and ensure electrical equipment is in working order, preventing shocks and electrical fires.
Likewise, fire risk assessments are crucial to identify hazards. A thorough fire risk assessment should include checking that fire exits, exit routes and assembly points are signposted and easily accessible via multiple avenues. It is also good practice to provide fire safety training for staff and conduct regular fire drills so staff, students and anyone else on the premises know what to do during a fire.
Security Breaches
Schools, colleges, and other facilities can be targets for opportunistic thieves looking to steal iPads, laptop computers, and other equipment used by the hundreds or thousands of students in attendance. Maintaining a secure environment prevents unauthorised access and reduces the risk of theft, but these aren’t the only benefits.
Students in schools can be vulnerable, especially if they are young children or have special educational needs or disabilities (SEND). Organisations must ensure that visitors do not pose a risk.
Schools can do this by conducting enhanced checks (such as ensuring visitors have, if required, Disability and Barring Service (DBS) certificates), ensuring visitors have IDs confirming who they are and where they are from, verifying this by contacting the organisation they are from and confirming their visit is approved in advance, and manually checking visitors in and out.
Responsibility #2: Protecting Sensitive Data
Physical breaches are not the only threat educational organisations face. Many schools have embraced digital systems for logging, securing and accessing private data, but others still rely on analogue methods out of a reluctance to change or to avoid the time and financial cost it will take to digitise data and train staff. Physically storing information poses obvious security risks — aside from the potential for data loss due to mishandling or a fire or flood, anyone on the premises could access data. But that doesn’t mean schools that keep digital records are immune from data breaches.
Cyber-specific vulnerabilities educational institutions must consider include:
- Phishing attacks: Phishing is the practice of obtaining sensitive information by posing as a trustworthy organisation. Should a school or university administrator click a link in a fraudulent email, they might unwittingly grant a data thief access to the entire system.
- Ransomware attacks: Should a thief gain access to a system, they might encrypt data and demand a ransom for its release, resulting in significant reputation damage and financial loss. It’s easy to appreciate the potential damage a ransomware attack can cause — imagine the scenario where a teacher cannot contact a child’s parent in an emergency or lunchtime supervisors cannot access allergy information to ensure children do not eat food that could cause a reaction.
Organisations should conduct a risk assessment to identify any vulnerabilities in their systems and processes, whether they store data digitally or physically.
Thorough risk management will identify several steps to safeguard information, such as keeping software up to date, backing up and encrypting data, and training staff on data protection, including recognising a phishing attack.
Schools should also not neglect physical security as it relates to information — devices like laptops or tablets containing sensitive data should be stored securely. Data should also be encrypted, inaccessible without credentials and accessible remotely so that information can be deleted from a stolen device should a theft occur.
By taking these measures, educational institutions can ensure the privacy and security of students and their families, staff, and stakeholders.
Responsibility #3: Ensuring Safe Procurement
Educational facilities often rely on contractors for various tasks, from construction and building maintenance to specialised services, such as computer installation and repair.
Safeguarding should always be the priority, so schools must implement safe recruitment processes to ensure contractors have the necessary clearance, skills, knowledge and experience to work in educational settings.
A risk assessment can identify any gaps in hiring policies and processes, such as failing to ensure contractors:
- Are compliant with safeguarding procedures
- Are properly trained and qualified
- Meet clear criteria set by an educational institution
- Are given clear guidance as to the scope of their role and internal policies they must comply with.
Educational organisations might consider using a compliance and risk management service provider to find contractors with accreditations and qualifications that meet their required standards.
With these measures in place, education providers can minimise risk and protect the safety and welfare of students and staff.
Maintaining physical safety and security, protecting sensitive data and ensuring safe procurement processes are just a few of the many challenges and responsibilities faced by educational institutions, but effective and comprehensive risk management makes a tangible difference in protecting against legal action and financial and reputational damage and fostering a safe environment for staff, students and visitors.
Author: David Marshall
David Marshall is Public Sector Lead at Veriforce CHAS, the UK’s leading provider of health and safety assessments and supply chain management services. Passionate about promoting innovation and safety best practices, David has more than 20 years’ experience as a sales and account management expert, specialising in helping public sector authorities and contracting bodies improve their supply chain risk management processes.
LinkedIn: David Marshall
Information contained on this page is provided by an independent third-party content provider. Binary News Network and this Site make no warranties or representations in connection therewith. If you are affiliated with this page and would like it removed please contact [email protected]
Comments