The DSL’s Guide to Filtering and Monitoring

The Keeping Children Safe in Education (KCSIE) 2025 document obliges schools and colleges in England to “ensure appropriate filters and appropriate monitoring systems are in place and regularly review their effectiveness”. This responsibility is now a standard, no just a technical tick box, but a core leadership and safeguarding function.

The Department of Education published Filtering and Monitoring Standards: Meeting digital and technology standards in schools and colleges and has further updated them to include expectations for real-time filtering and the management of generative AI.

Leadership and DSL Responsibilities

One of the key points from the guidance is that DSLs and Senior Leadership Teams now have a responsibility for "understanding the filtering and monitoring systems and processes in place".  :

• Procurement: DSLs should be actively involved in procurement to ensure the system meets the specific safeguarding needs of the pupils.
• Implementation: the DSL should lead on decision -making behind the alerts the system generates; the DSL is the person best placed in understanding pupil needs in special circumstances and ongoing situations.
• Collaboration: IT technicians act as the enabler. They will install, set up and configure the system and may provide reports, but the DSL should decide if an alert is a safeguarding concern requiring escalation.
• Oversight: Governors and trustees should do regular check-ins to ensure the systems are in place and working effectively through evidence.

Data Protection and Large-Scale Monitoring: Due Diligence

• Supplier Due Diligence: there should be a thorough risk assessment of the provider.  If the system links to a third party safeguarding platform, such as CPOMS, you should map how that data is shared. DPE Customers: should review: Supplier Due Diligence Best Practice Area, and complete the  document Supplier Due Diligence Form(51 KB) and send off to the third party supplier, once returned we can help you assess any risks.
• DPIA: you should complete a DPIA as 'special category data' is more than likely captured.
• Lawful Monitoring: Refer to the ICO: Guide to Monitoring Lawfully in the Workplace. Monitoring must be necessary and proportionate. You must inform all users (staff and students) of the purpose and extent of the monitoring via updated Privacy Notices and Acceptable Use Policies (AUP). You must inform workers of the purpose of any monitoring. If you are considering monitoring emails and messages, you must complete a DPIA. This is because it poses a high risk to workers’ data protection rights and freedoms and is likely to capture special category data.  DPE Customers: should review: Transparency Best Practice Area.

Data Minimisation and Retention

• Minimisation: Under the principle of Data Minimisation, if an alert is escalated to a dedicated safeguarding system, the original alert in the monitoring software should ideally be removed so that sensitive data is not duplicated across multiple platforms.

• Subject Access Requests (SARs): Be aware that alerts containing a child’s or staff member's name are discoverable under a SAR. Ensure your system allows for easy retrieval or redaction.

Other policies in the organisation may also need to be updated to reflect use of a filtering and monitoring system.

Further support and guidance about KCSIE and filtering and monitoring:
SWGFL Filtering and Monitoring

DfE Filtering and Monitoring Standards

The Department for Education (DfE) Filtering and Monitoring Standards are designed to ensure that schools and colleges implement effective measures to safeguard students and staff online. Here’s a summary of the key standards:

1. Roles and Responsibilities:
   • Strategic Responsibility: The governing bodies and proprietors hold overall responsibility for ensuring that appropriate filtering and monitoring systems are in place. This includes overseeing compliance with these standards.
   • Senior Leadership Team (SLT) and Governor: A member of the SLT and a designated governor must be assigned to oversee the implementation and effectiveness of these standards. They ensure that the organisation's policies and systems are robust and up-to-date.
   • Designated Safeguarding Lead (DSL): The DSL plays a crucial role in this framework. They are responsible for safeguarding students and ensuring that filtering and monitoring measures align with the organisation's overall child protection policies. The DSL must be informed of any potential risks or incidents identified through monitoring.
2. Annual Review:
   • The filtering and monitoring systems must undergo an annual review to ensure they remain effective and up-to-date with current threats and technological changes. This review should involve assessing the effectiveness of the systems in place, identifying any gaps, and making necessary improvements. The review process ensures that the school’s digital environment continues to protect students and staff. The DSL is responsible for making sure there is an annual review.
3. Filtering System Used:
   • Schools must implement a robust filtering system to block access to harmful or inappropriate content online. This system should be tailored to the age group of the students and the educational context. It should prevent access to known harmful websites and content categories while allowing necessary educational resources. The filtering system must be regularly updated to adapt to new threats. The DSL is responsible for the filtering and monitoring system procurement.
4. Monitoring Strategies:
   • Schools need to have effective monitoring strategies in place to track online activity and detect potential risks. This includes monitoring internet usage for signs of inappropriate behaviour, cyberbullying, or exposure to harmful content. The strategies should balance safeguarding with privacy and should be transparent to students, staff, and parents. Monitoring must be conducted in a way that aligns with the school's safeguarding policies and data protection regulations. The DSL is responsible for what is monitored.

These standards emphasize the importance of strategic oversight, regular reviews, and the implementation of appropriate technical solutions to ensure a safe and secure online environment in educational settings.

DPE Customers can access our DfE Filtering and Monitoring Tracker and resources to track progress.