Confidentiality STUDENT /Child Safety Information area needed

Hi, I was hoping someone can further shed light on this issue. Currently under Student and notes. We have been entering notes on information that relates to that student. This is however able to be accessed by all admin, teachers and support staff. * we are a staff body of 10.
However if we were to enter confidential information that NOT all teaching and support staff should be able to generally read. Is there another way to allow all staff to still add notes But restrict the ability for all staff to see those notes. In other words all staff can still utilize adding notes on students - BUT not all staff can read the notes. Or is there an ability to add some function under students that another heading a more secure for confidential notes/child safety permissions and this can be only read/accessed by Admin. Hope this makes sense. Kindest regards

Hi MissBee, this is a good question, and something that has come up in schools that I work with as well.

Gibbon is a centralized database, like many school information systems. Although it is hosted locally on a server, with systematic checks performed every release, and every effort has been made to keep the information secure, just like any database or web application, we can never guarantee that a data breach will never happen. So far, it hasn’t happened and we work hard to ensure that it won’t happen, but even some of the largest most secure databases in the world have been breached.

For this reason, while the vast majority of information is safe to add to a centralized database, anything of a truly private or child protection concern should not be uploaded centrally, to help ensure the safety of the data. The best approach is to secure this data in a location that is accessible by the least people possible, either physically or in a service that allows specifically assigning access to who can view that file. If you are using an online service, you could provide links to these files in the the notes that you add to Gibbon, but the service would still require login access to view those files.

Hope this helps!