Data Protection Question


This topic contains 9 replies, has 6 voices, and was last updated by  Andrew Friedemann 1 year, 7 months ago.

  • Author
    Posts
  • #62282

    Andrew Friedemann
    Participant

    I would love some advice from any legal eagles in the group…

    Recently our SETA is refusing to issue certification unless we email to them certified copies of Learners ID’s, Enrolment Forms, and Highest Qualifications held.

    Now I have a few major issues with this. Not that they want the info, but how they want it… Actually I do have an issue with them wanting it.

    Firstly as I understand it, I cannot email a persons ID to a third party via un-encrypted email. That is against data protection laws. They also insist on it being a ‘Certified Copy’. Woah.. hold your horses… If I scan a certified copy its no longer a certified copy is it, so what the point?

    Their reasoning is that they need to ensure the Learner exists!!! Now if I was asking for funding for the learner I could understand this, but I am not, and the Learner is self funding, so what would the possible advantage be of me registering and claiming achievement for a learner that does not exist??? No I do not have a fetish for Certificates… Also if I was the type of person who would fake a learner, would I not also fake an ID document??

    Then why do they need the learners existing highest qualification? Our program is level 4 and most learners are self employed. I cannot see the point other than someone is just trying to make work…

    Now to get around the emailing private data to all and sundry, we set up a specific secure website, where designated people in the SETA can log in and view/download these documents. All secure, all in compliance with the law…. BUT they tell me they cannot log in as their software is too old.

    Hang on again there…. If the software is so old it cannot log into a website with a username and password, then their IT is definitely not suitable to be emailing peoples ID’s around the country as it is probably full of spyware and malware anyway. We have spent a fortune on a secure site that tracks every user down to the keystoke, and cross references IP addresses with authorized sites, but they will/can not log in to access the documents! Actually their software is not incapable of accessing the site, as I demonstrated it to them in their offices with their IT infrastructure.

    My main concern is not being compliant with data protection laws, and protecting my learners, but I am being told I have to break the law or I don’t get certification.

    What do I do?

    Share on Social Media
  • #62283

    you are totally correct. If they want to verify the information, they must come to you, and do a check of a sample on your premises in your presence and may not take any copies away. If you are accredited, as I know you are, they should trust their own judgment in having accredited you.

    Share on Social Media
  • #62284

    Molebatsi Lewele
    Participant

    That\’s the way setas work or you should have submitted those documents to them when you went to demonstrate to them how to access that system for future use, in the end you are the one whom your learners awaiting guide certificates.

    Share on Social Media
  • #62285

    Andrew Friedemann
    Participant

    Hi Molebatsi
    Two quick things – The SETAs cannot make up rules the break the laws of the land, no matter how much they want to, and secondly I demonstrated the system to them 3 years ago, we have had many of learners through since then.

    Share on Social Media
  • #62289

    Denise Bonnelle
    Participant

    Good morning

    We have been asked many times for these documents as well, but I have always opted to take in a hard copy if it was missing from the pack when learnership contracts were submitted.

    Share on Social Media
  • #62290

    Andrew Friedemann
    Participant

    Learnerships I can understand – public money – but they are applying this to every learner now – all ours are self funding skills programmes.

    Share on Social Media
  • #62296

    Sam Long
    Participant

    I agree with Dr Jacqueline Baumgardt! If they want to verify the information such as ID certified copies etc, the SETA involved must do a verification of documents or sample of work on site at your offices. We have also just looked at the whole process of POPI ACT and how we need to protect the individuals information for total confidence. We have had to incorporate a clause onto our registration forms to ensure our learners are comfortable with us releasing their information on this level especially to a SETA or company practitioner for reporting. It is a major challenge regardless as some learners do not want to even submit their ID on registration. We have had a obstructions when looking at credentials on “highest qualifications” on pre entry requirements and we have this in place as a rule for acceptance onto a programme or qualification we house. There is no way around this as it falls part of validating that we have the right target audience on board for training and this will in turn ensure that our learners are able to commit to a submission without difficulty. Wishing you all the best with your way forward in training and developments! regards Sam Long
    Share on Social Media

    Share on Social Media
  • #62402

    Kate Sani
    Participant

    This information the SETA is requesting is a recent requirement of the Department of Higher Education and Training. Within the upcoming few months it will be mandatory for Skills Development Providers to provide such learner documentation to SETAs (and to the QCTO in the future), and much more.
    The question is, of course, how this documentation, is to be managed under the POPI Act. The DHET is exploring this. Currently however, as per a SAQA instruction last year, learners should be signing indemnities with their SDP giving permission for their details, documentation, results, etc to be shared with their employer (if employer funded), SETAs, SAQA, QCTO, and DHET. Thus the POPI issue is not new. All SETAs should have a POPI Policy, and it may be useful to request this from the SETA in question.

    Share on Social Media
  • #62403

    Andrew Friedemann
    Participant

    “The DHET is exploring this” – this is the crux of it – they are putting things in place that have not been thought through yet. At the end of the day I am the one responsible for the data, not the DHET or SETA.

    Till its finalized they can come to my offices to see it all.

    Share on Social Media
  • #64426

    Andrew Friedemann
    Participant

    Just an update on this topic. We have offered them the following which they refuse…

    1) That your verifiers make a site visit to view the documents but may not remove them from the premises. (Which will be digital anyway as we do not possess hard copies)

    2) You access them on the secure website we have set up for this purpose. (Printing them off the website would be a contravention of the act)

    3) We ask the learners individually to send you the documents as this would not be against the privacy laws. However this would create a huge administrative burden on yourselves and ourselves.

    Feeling hopeless right now. I asked our Learners and they do NOT want us sending in hard copies.

    Share on Social Media

You must be logged in to reply to this topic.

Share on Social Media