Last updated:
Catholic systemic schools are governed by the federal Privacy Act and Australian Privacy Principles. With diocese-level procurement and CEnet governance, we understand the unique decision-making structure of the Catholic education sector.
Regulated by the Office of the Australian Information Commissioner (OAIC)
Mandatory — The Notifiable Data Breaches (NDB) scheme requires organisations to notify the OAIC and affected individuals when a data breach is likely to result in serious harm. Catholic schools must have breach response procedures in place.
CEnet AI Governance Framework — CEnet provides a shared AI governance framework across Catholic dioceses nationally. The ISA/NCEC Privacy Compliance Manual was updated in April 2025 with AI-specific guidance for Catholic and independent schools.
Here's the process your school follows to adopt a new platform in Catholic Schools. We'll support you at every step.
Technology procurement in Catholic systemic schools is typically coordinated at the diocese level. CEnet or the diocesan IT team reviews new platforms for privacy, security, and educational suitability.
The vendor is assessed against Australian Privacy Principles. We provide pre-filled documentation covering data handling, security controls, AI usage, and data residency to support this step.
The diocese education office or school principal (depending on governance structure) approves the platform for use. Some dioceses may require school council endorsement.
Wellbeing teams are onboarded with training and support. Ongoing compliance is maintained through the NCEC Privacy Compliance Manual framework.
Technology procurement in Catholic systemic schools is typically coordinated at the diocese level. CEnet or the diocesan IT team reviews new platforms for privacy, security, and educational suitability.
The vendor is assessed against Australian Privacy Principles. We provide pre-filled documentation covering data handling, security controls, AI usage, and data residency to support this step.
The diocese education office or school principal (depending on governance structure) approves the platform for use. Some dioceses may require school council endorsement.
Wellbeing teams are onboarded with training and support. Ongoing compliance is maintained through the NCEC Privacy Compliance Manual framework.
A detailed look at how our platform capabilities align with Catholic Schools's privacy and security requirements for schools.
APP 1 — Open and transparent management of personal information
Clear privacy policy, transparent data handling practices, and published information about how student data is processed and protected.
APP 6 — Use or disclosure of personal information
Student information is used solely for wellbeing documentation within the school. No data shared with third parties for marketing or unrelated purposes.
APP 8 — Cross-border disclosure
All data stored on secure Australian cloud infrastructure in Sydney. No data transfers outside Australia under any circumstances.
APP 11 — Security of personal information
Healthcare-grade encryption at rest and in transit. Role-based access controls. Strong password requirements. Comprehensive audit logging with 7-year retention.
Notifiable Data Breaches scheme
Established incident response procedures aligned with NDB scheme requirements. Schools are notified promptly of any security incidents affecting their data.
NCEC Privacy Compliance Manual (AI guidance)
Platform design aligns with the April 2025 NCEC guidance on AI in schools — staff-only tool, human oversight of all AI output, no student-facing AI interaction.
Data minimisation and audio handling
Audio recordings are deleted immediately after transcription. Only text documentation is retained. This aligns with APP 11 data minimisation principles.
AI training data protection
No student or staff data is used to train AI models. Zero-retention agreements with all AI service providers. Your school's data stays exclusively yours.
Key organisations that coordinate procurement and governance for catholic schools across Australia.
Shared technology governance and AI framework across Catholic dioceses nationally
Centralised technology assessment and recommendation for Victorian Catholic schools
Coordinates technology governance across Victorian Catholic dioceses
Transitioning from QCEC from January 2026 — centralised Queensland Catholic education governance
Standardised technology platform (Microsoft + SEQTA) for South Australian Catholic schools
162 schools with 90,000+ Microsoft 365 users — centralised IT procurement
56 schools with 26,000+ students across ACT and southern NSW
Coordinates Catholic school technology procurement in Tasmania
15 schools using CEnet for shared technology governance
Common questions from Catholic Schools schools about privacy compliance and using Grounded Scribe.
We'll provide the documentation your school needs to complete the assessment process in Catholic Schools. Request a compliance pack and we'll be in touch.