Capita warns schools to stop using its pupil data-sharing platform
Embattled outsourcing firm says the glitch in its data-transfer mechanism is only "very low-level"
Schools across the UK are being warned not to use a key data-sharing platform after Capita, the company that implements it, found an issue in its code base.
The outsourcing firm is investigating an "incident" in the latest release of the mechanism that allows primary schools to transfer pupils' data to their secondary schools when they move.
According to an email sent by Capita, schools are being advised to refrain from using the common transfer files (CTF) to share pupil data and contact details until "further notice" if they have upgraded.
Capita has not explained what this issue may relate to, however, the nature of the message suggests pupil information could be at risk of being transferred from one school to another incorrectly, with details missing or merged with existing records.
Capita's involvement in the public sector has already been the source of several controversies in the last year. The National Audit Office (NAO) has highlighted several failings in a series of reports, particularly regarding the firm's botched projects with the NHS and the MoD.
"We are investigating one incident with CTF for schools who have taken the latest Spring Release," the initial email said. "We are assessing currently the specific scenarios where this incident arises and the exact scope of its impact.
Moreover, if a school has already sent a CTF file to another after 22 March, Capita has advised them to check with the recipient whether the pupils' details have been loaded correctly.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
This is an issue that does not affect the previous Autumn release, and files shared through this version will have been received as normal.
"Capita ESS apologises for any impact on schools and their support partners that may arise from this incident," the email continued. We continue to investigate and will update once the full details and implications are known."
A spokesperson told IT Pro there has been no data breach associated with the error, and that it's a "very low-level" coding issue.
"We are investigating one customer incident relating to a minor coding issue and expect to provide a resolution imminently. Schools can continue to take the Spring release but we are offering precautionary advice until the resolution is in place."
The CTF mechanism is used by schools who have registered to be part of SIMS, a student information management system developed by Capita. This system has been adopted by 21,000 schools, according to the company, and is the most widely used across the UK.
But the platform has run into several similar issues in the past, for example, in June 2018 where an issue mismatched pupils' data to existing records.
The email outlining this latest issue was posted in response to a forum post outlining last year's glitch with the comment "here we go again".
Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.