Frequently Asked Questions: Online Registration Data 

Where and how is the data stored? 

Hosting Surrey Schools’ registration data takes place in secure Canadian Data Centers. Multiple layers of security are in place as per specifications including advanced protection for physical entry, monitoring, and access.

Backups are also stored in Canadian Data Centers.

How long is the data stored for? 

This data is destroyed annually in compliance with the data destruction guidelines provided by the Surrey Schools Privacy Office. This guideline also applies to data stored on the online registration server.

Who has access to the information? 

Data access is limited to authorized users and monitored at the district level.

Data in this system is only accessible to authenticated District users and is limited by user role. For example, authorized users at the school level can only see their own school data. 

How is it secured?

Data is protected by Azure Data Protection Services. A full white paper explaining the service is available here. 

Client communication protocols include transmission from client to server using Secure Socket Layer as well as security provisioning provided by Microsoft. Data is accessed through an encrypted 256-bit Secure Socket Layer (SSL).

Data on the internal production SQL server is encrypted in its static state and is protected behind a firewall. Authentication is in place for all internal and external access. 

Prior to adopting the online registration system, Surrey Schools contracted completed a comprehensive Privacy Impact Assessment (PIA). 

Where can I learn about Surrey’s general privacy practices?

Click here for more information on Surrey Schools policies and regulations related to privacy.

Who can I contact if I have more questions?

You can contact us at privacy@surreyschools.ca