Know and understand characteristics of personal and sensitive data including personal name, address, date of birth, a photograph in school uniform, medical history

Published by Patrick Mutisya · 14 days ago

Cambridge IGCSE ICT 0417 – Topic 8: Safety and Security

Topic 8 – Safety and Security

Objective

Know and understand the characteristics of personal and sensitive data, including:

  • Personal name

  • Address

  • Date of birth

  • A photograph in school uniform

  • Medical history

1. What is Personal Data?

Personal data is any information that can be used to identify an individual, either directly or indirectly.

  • Direct identifiers: name, photograph, biometric data.

  • Indirect identifiers: address, date of birth, school roll number.

2. What is Sensitive Data?

Sensitive data is a subset of personal data that requires higher protection because its misuse can cause significant harm.

  • Health or medical information.

  • Details about a person’s ethnicity, religion, or sexual orientation.

  • Any data that reveals a person’s vulnerabilities.

3. Characteristics of the Specified Data Items

Data ItemType (Personal / Sensitive)Why It Is SensitivePotential Risks if Misused
Personal namePersonalCan identify an individual when combined with other data.Identity theft, phishing attacks.
AddressPersonalReveals location and can be linked to other records.Stalking, burglary, targeted scams.
Date of birthPersonalUsed as a unique identifier and for age verification.Identity fraud, unauthorized account creation.
Photograph in school uniformPersonal (often Sensitive)Visually identifies a student and ties them to a specific institution.Bullying, unauthorized use in media, impersonation.
Medical historySensitiveContains health information that is private and protected by law.Discrimination, embarrassment, insurance fraud.

4. Legal and Ethical Considerations

  1. Data Protection Laws (e.g., GDPR, local privacy legislation) require organisations to protect personal and sensitive data.

  2. Schools must obtain consent from parents/guardians before collecting or sharing a pupil’s data.

  3. Unauthorised disclosure can lead to disciplinary action and legal penalties.

5. Protecting Personal and Sensitive Data

  • Access control: Limit who can view or edit the data.

  • Encryption: Store data in encrypted form, especially when transmitted.

  • Strong passwords and two‑factor authentication.

  • Regular backups: Ensure data can be restored after loss or ransomware.

  • Awareness training: Teach staff and students about phishing, social engineering, and safe handling of data.

6. Practical Classroom Activity

Students create a “Data Classification Chart” for a fictional student profile.

  1. Provide a list of data items (e.g., name, favourite colour, medical condition).

  2. Ask students to classify each item as “Public”, “Personal”, or “Sensitive”.

  3. Discuss why each classification was chosen and how it should be protected.

Suggested diagram: Flowchart showing how personal data moves from collection → storage → processing → disposal, with security checkpoints at each stage.

7. Summary

Understanding the nature of personal and sensitive data is essential for maintaining safety and security in an ICT environment. By recognising the characteristics of each data type and applying appropriate protection measures, students and staff can help prevent misuse and comply with legal requirements.