RADAR: Risk Assessment Device Approval Record

Complete guide to filling out the RADAR form for managing electronic devices and protecting children's data in Family Day Care services.

The RADAR (Risk Assessment Device Approval Record) is a compliance tool that helps Family Day Care educators manage electronic devices safely and protect children's images and personal information.

What is RADAR?

RADAR is a structured assessment that documents:

  • Electronic devices used in your service (phones, tablets, computers, cameras)
  • Email accounts and backup services
  • Technology workflows and processes
  • Risk assessments for technology use
  • Security measures to protect children's and family's privacy

This assessment ensures compliance with child safety regulations and helps you identify and mitigate risks related to technology and data management.

When to Complete RADAR

You should complete a RADAR assessment:

  • Initially: When setting up your Family Day Care service
  • Annually: As part of your yearly compliance review
  • When Changes Occur: If you add new devices, change email providers, or modify your technology workflows
  • After Feedback: If your coordinator requests changes or updates

Before You Begin

Gather the following information before starting:

  • ✓ Device serial numbers (phones, tablets, computers, cameras)
  • ✓ Email account details (provider, whether it's free or paid)
  • ✓ Backup and sync service information (iCloud, Google Drive, OneDrive, etc.)
  • ✓ Current workflows involving technology (daily documentation, photo sharing, etc.)
  • ✓ Understanding of potential risks in your service

Tip: You can save your progress as a draft and return later. Click the 'Save Draft' button to save your progress.

Step 1: Devices

In this step, you'll record all electronic devices used in your Family Day Care service. You can add multiple devices. Note, this is not just the devices you use with photos, but any devices that are used with childrens data or service information (forms, documents, communications, etc.)

Tip: Don't forget your personal phone. While you may have purchased a seperate phone for your service, you will likely still use or have access to your personal phone within the approved service area. During an audit, you'll don't want to have to explain a device that is not on the device register.

Basic Information

Device Name (Required)

  • A simple name to identify the device
  • Example: "Mary's iPhone", "Work iPad", "Service Camera"

Serial Number (Required)

  • The unique identifier for your device
  • Finding serial numbers:
    • iPhone/iPad: Settings → General → About → Serial Number
    • Android: Settings → About Phone → Status → Serial Number
    • Computers: Check the bottom/back of the device or System Settings
    • Cameras: Usually on a label inside the battery compartment

Device Type (Required)

  • What kind of device is it?
  • Examples: Phone, Tablet, Computer, Laptop, Camera, Smart Watch

Operating System (Required)

  • The software your device runs
  • Examples: iOS 17, Android 14, Windows 11, macOS Sonoma
  • Enter "NA" if not applicable (e.g., for basic cameras)

Usage Details

Personal Use (Required)

  • Is this device also used for personal activities?
  • Choose: Yes or No
  • Tip: If the device is used for both work and personal activities, select "Yes".

Remember, we expect educators to use devices for both work and personal activities. Later, we have a risk assessment used to manage the associated risks.

Latest Updates Installed (Required)

  • Are software updates current?
  • Choose: Yes, No, or NA
  • Important: Keeping devices updated is crucial for security

Reason Updates Cannot Be Installed (If applicable)

  • If you selected "No" above, explain why
  • Example: "Device is too old to receive updates".

Image Capture

Device Used to Capture Images (Required)

  • Does this device take photos or videos of children?
  • Choose: Yes or No

Apps Used to Capture Images (If applicable)

  • If you take photos/videos, which apps do you use?
  • Examples: Default camera app, Instagram, specialised educational apps

Which Apps Have Service Info (If applicable)

  • Tell us about apps used for service data like photos, forms, scanning, communication with families (email, chat, social media).
  • Examples: StoryPark, WhatsApp, OneDrive, Pix (for photo editing), Genius Scan (for scanning documents), social media if your FDC service has a public profile or educator group.

Backup & Storage

Backup or Sync Services (Optional)

  • Does this device back up to cloud services?
  • Choose: Yes, No, or NA
  • Tip: Common sync services are iCloud on iPhone/iPac/Mac. Google Drive and/or Google Photos on Android. OneDrive on Windows.

Backup Services Description (If applicable)

  • Describe the backup services you use
  • Examples: "iCloud automatic backup", "Google Photos sync", "Manual backup to external drive weekly"

External Connections

External Devices (Optional)

  • Do you connect external devices (USB drives, printers, SD cards)?
  • Choose: Yes, No, or NA

External Devices Description (If applicable)

  • List what external devices you connect
  • Example: "USB drive for monthly backups", "Wireless printer for printing photos"

Access Control

Other People Access (Required)

  • Do other people have access to this device?
  • Choose: Yes or No Tip: We expect it will be common for family members to have access to devices like phones or family computers. This is acceptable, and should be documented in this field.

List Who Has Access (If applicable)

  • If others can access the device, list who
  • Example: "My partner occasionally uses it", "All household members have access"

Security Measures (Required)

  • Describe how you protect the device and data
  • Be specific and thorough
  • Examples:
    • "6-digit passcode, Face ID enabled, auto-lock after 1 minute"
    • "Strong password, biometric unlock, separate work profile for service apps"
    • "Password-protected user account, firewall enabled, antivirus software installed"
    • "PIN lock, photos stored in password-protected folder, regular backups encrypted"

Step 2: Applications & Services

This section covers email accounts, backup services, and applications used in your service.

Email Account

Email Address (Optional)

  • The email address used for your Family Day Care service
  • Example: mary.educator@gmail.com

Email Provider (Optional)

  • Who provides your email service?
  • Examples: Gmail, Hotmail, Outlook, Bigpond, Yahoo, iCloud. If you have a custom business domain, we need to know the hosting company for the email service.

Free or Paid Email Service (Optional)

  • Choose: Free or Paid
  • Most personal email accounts (Gmail, Hotmail) are free
  • Paid services often include additional features like more storage, spam filtering, and privacy features.

Two-Factor Authentication (2FA) (Optional)

  • Is 2FA enabled on your email account?
  • Choose: No, Yes, or Unsure
  • Why 2FA matters: Adds an extra security layer requiring a second verification step when logging in. Eg. If someone tries to login to your email account a message with a code will be sent to your phone.
  • How to check: Look in your email account security settings.

Email Personal Use (Optional)

  • Do you also use this email for personal matters?
  • Choose: Yes or No

Family Email Access (Optional)

  • Describe who else has access to this email account
  • Example: "Only me", "My partner knows the password", "Shared family account"

Backup Services

Backup Services (Optional)

  • Describe any backup services you use for photos, documents, or data
  • Examples: "iCloud 200GB plan for photo backup", "Google Drive for documents", "BackBlaze for offsite backups"

Backup Deletion (Optional)

  • How and when do you delete data from backups?
  • Example: "Photos deleted from device also deleted from iCloud", "Photos deleted from device after 7 days"

Backup Security (Optional)

  • What security measures protect your backups?
  • Examples: "iCloud protected by Apple ID with 2 factor authentication", "Encrypted external drive in locked cabinet"

Backup Access (Optional)

  • Who can access your backup services?
  • Example: "Only accessible with my password and fingerprint", "Family sharing enabled but service folder is private"

Applications

Apps Used (Optional)

  • List other applications you use for your service
  • Examples: "WhatsApp for parent communication", "StoryPark for photo sharing", Pix (for photo editing), Genius Scan (for scanning documents)`
  • Tip: We expect educators to use a variety of apps for their service. If you use an app that is not on the list, please list it.

Step 3: Workflows

Document the technology-related processes and procedures in your service. You can add multiple workflows.

What is a Workflow?

A workflow describes how you use technology to complete tasks in your service. Think about your regular processes that involve devices, apps, or data.

Workflow Examples

  • Daily Documentation: How you record children's activities, meals, and naps
  • Photo Sharing: Your process for taking, storing, and sharing photos with families
  • Parent Communication: How you communicate with families (email, app, text)
  • Storage of Service Information: How you store and backup documents, photos, videos, etc.
  • Sending and receiving forms and information: How you send scanned documents to your coordinator or families services, or how you receive forms and information from families.

What to Include

For each workflow, describe:

Workflow Name

  • A short title for the process
  • Example: "Daily Photo Sharing", "Weekly Parent Updates"

Workflow Description

  • Descrivbe the workflow, like describing a recipe for someone on how they could replicate it.
  • What data/technology/applications are involved
    • Example: "Use iPhone camera app to take photos, store in Photos app, share via private Facebook group"
  • How information flows between people and systems
    • Example: How photos move from camera to StoryPark (including any intermediate apps like collage or filter apps), scanning workflows (e.g. scan to thumb drive, copy to PC to email).
  • What security or privacy considerations apply
    • Example: "Only children in my service visible in photos, background blurred if other children present."
  • Who is responsible for each step
    • Example: "I am responsible for taking the photos, uploading them to the StoryPark app, and deleting them from the device after 7 days."

Example Workflow

Name: Daily Photo Sharing Description: I take 3-5 photos of each child during activities using my work iPad (passcode protected). At the end of each day, I upload photos to StoryPark where only enrolled families can view them. Photos are reviewed before uploading to ensure no other children or identifying information is visible. After upload I delete them from the iPad and they remain only in the StoryPark archive accessible to families.

TIP: Once you write out the workflow, you'll identify apps you forgot to list in Step 1. Please cross-check and update your device applications list.

Step 4: Risk Assessment

Identify potential risks related to technology use and data handling in your service. You should add at least four risk assessments.

What is a Risk Assessment?

Risk Assessment Fields

Activity/Scenario (Required)

  • Describe the activity or situation you're assessing
  • Examples:
    • "Storage and sharing photos of children"
    • "Storing enrolment and health records on personal devices"
    • "Communication with families"

Hazard Identified (Required)

  • What could go wrong? What's the potential problem?
  • Examples:
    • "Photos could be accidentally shared publicly"
    • "Personal information could be accessed if phone is lost or stolen"
    • "Confidential information could be sent to wrong recipient"
    • "Data could be leaked via apps used for service communication" Tip: You can create multiple risk assessments, using the same activity/scenario if it has multiple hazards. A risk assessment for each device is not nessasary unless the prevention measures differ considerably.

Initial Risk Level (Required)

  • How serious is the risk before any prevention measures?
  • Choose: Low, Moderate, High, or Extreme
  • Consider: How likely is it to happen × How serious would the consequences be
  • Low: Unlikely to happen and minor consequences
  • Moderate: Could happen occasionally with manageable consequences
  • High: Likely to happen or serious consequences
  • Extreme: Very likely to happen with severe consequences

Prevention Measures (Required)

  • What steps will you take to reduce or eliminate the risk?
  • Be specific and actionable
  • Examples:
    • "Use passcode on device, review photos before sharing, store photos in password-protected folder, delete photos from device after 14 days"
    • "Store enrolment and health records in password-protected app, enable device encryption, use Find My iPhone, never write passwords down",
    • "Double-check recipient before sending, use BCC for group emails, use two-factor authentication for email accounts"
    • "Use backup service with 2FA, encrypt sensitive files before upload, delete photos from device after 7 days"

Risk Level After Measures (Optional)

  • What's the risk level after implementing your prevention measures?
  • Choose: Low, Moderate, High, or Extreme
  • This should typically be lower than your initial risk level

Who is Responsible (Required)

  • Select all people responsible for managing this risk
  • Options: Educator, Household Members, Coordinator, Service, or add custom roles
  • Most risks will include "Educator" as you're primarily responsible
  • Add "Household Members" if they can access devices
  • Add "Coordinator" for oversight and policy compliance

When (Required)

  • When will these measures be implemented or reviewed?
  • Examples: "Immediately and ongoing", "Daily before photo sharing", "Weekly device security check", "Monthly password update"

Example Risk Assessment

Activity/Scenario: Using my iPhone to take photos of children during activities and outings

Hazard Identified: Photos could be accidentally shared to wrong recipient, posted on social media, or accessed by unauthorised person if phone is lost

Initial Risk Level: High

Prevention Measures:

  • Phone protected with 6-digit passcode and Face ID
  • Photos taken using work-specific camera app with built-in privacy controls
  • All photos reviewed before sharing to ensure no other children or identifying information is visible
  • Photos only shared through secure service app, never via text or email
  • Parents consent obtained and recorded for photo use
  • Photos deleted from phone within 7 days of sharing
  • Find My iPhone enabled for device location/remote wipe if phone is lost or stolen
  • Separate work folder with additional password protection for service-related files

Risk Level After Measures: Low

Who is Responsible: Educator, Coordinator (for policy oversight)

When: Measures in place now and followed daily

Step 5: Declaration

The final step shows a summary of your assessment and includes important declarations.

Assessment Summary

You'll see a count of:

  • Devices Recorded: Total number of devices you've documented
  • Workflows Documented: Number of technology processes you've described
  • Risk Assessments: Number of risk scenarios you've assessed

Review your numbers: Make sure you've included all devices, key workflows, and identified the main risks in your service.

Declaration Statements

By submitting the RADAR assessment, you're declaring that:

  • The information provided is true and accurate to the best of your knowledge
  • You understand the importance of protecting children's privacy and data security
  • You will implement the risk mitigation measures identified in the assessment
  • You will notify your coordinator of any significant changes to your technology use
  • You will review and update this assessment annually or as required

What Happens After Submission

Once you click "Submit for Approval":

  1. Status Changes to Pending: Your form moves to "Pending Approval" status
  2. Coordinator Review: Your coordinator will review your submission
  3. You'll Receive Feedback: Through the "My Submissions" page
  4. Possible Outcomes:
    • Approved: Your assessment is complete
    • Needs Changes: Make requested edits and resubmit
    • Rejected: Review feedback and create new submission

Submission & Approval System

Form Status Explained

Draft

  • Your form is saved but not yet submitted
  • You can edit any section
  • No coordinator review yet
  • What to do: Complete all required fields and submit for approval

Pending Approval

  • Your form has been submitted to your coordinator
  • You cannot edit while pending
  • Coordinator is reviewing
  • What to do: Wait for coordinator feedback (check "My Submissions" page)

Needs Changes

  • Coordinator has requested modifications
  • You can now edit the form
  • Feedback provided explains what to change
  • What to do: Read feedback carefully, make requested changes, resubmit

Approved

  • Your assessment has been approved
  • Form is finalized and archived
  • PDF version available for download
  • What to do: Download PDF for your records, schedule next annual review

Rejected

  • Submission was not approved
  • You can create a new submission
  • What to do: Review feedback, consult with coordinator if needed, start fresh submission

Version Control

  • Each submission is assigned a version number (1, 2, 3, etc.)
  • When you resubmit after feedback, a new version is created
  • We consider the latest approved version to be the current document of record.
  • Previous versions are kept for audit trail
  • You can view version history in the submissions table

Accessing Your Submissions

Via "My Submissions" Page:

  1. Navigate to "My Submissions" from the main menu
  2. View tabs for different submission states:
    • Action Needed: Forms requiring your response (needs changes, rejected)
    • Pending Review: Forms waiting for coordinator approval
    • Recently Approved: Your approved assessments
  3. Click "View" to see submission details
  4. Download PDFs of approved forms

Dashboard Widget:

  • Your main dashboard shows a quick summary
  • Number of submissions needing attention
  • Quick links to take action

Tips & Best Practices

Completing the Form

Save Drafts Frequently

  • While the form auto-saves, manually save your progress regularly
  • Use the "Save Draft" button at the bottom of each step

Complete All Required Fields

  • Look for red asterisks (*) marking required fields
  • The form will prevent submission until all required fields are complete

Be Specific in Descriptions

  • Provide detailed descriptions for security measures
  • Explain workflows clearly with step-by-step processes
  • Detail your risk prevention measures thoroughly

Use Real Examples

  • Reference actual apps, devices, and practices you use
  • Avoid generic responses like "various apps" or "normal security"

Maintaining Your RADAR

Keep It Updated

  • Review annually (set a calendar reminder)
  • Update immediately when adding/removing devices
  • Revise when changing email providers or backup services
  • Update workflows if processes change

Respond to Feedback Promptly

  • Check "My Submissions" regularly for coordinator comments
  • Address requested changes quickly
  • Don't hesitate to ask your coordinator for clarification

Download Approved PDFs

  • Keep copies of approved assessments for your records
  • Store PDFs in a secure location
  • Have a copy available for compliance inspections

Monitor Your Dashboard

  • Check dashboard widget for submission status
  • Respond to notifications about needed actions
  • Track upcoming annual reviews

Common Questions

Q: Can I save my progress and come back later?

A: Yes, absolutely! The form auto-saves your progress as a draft. You can close your browser and return anytime before submitting. Just make sure you see the "Saved" confirmation message. When you return, click "Continue Draft" to pick up where you left off.

Q: What happens if I need to add a device after approval?

A: Simply update the form and submit a new version for approval. Your approved version remains on record, and the new submission will go through the approval process again. This creates a version history showing how your technology setup has changed over time.

Q: How do I know if my form needs attention?

A: Check two places:

  1. Dashboard Widget: Shows a count of submissions needing action
  2. My Submissions Page: Lists all submissions with color-coded status badges. Look in the "Action Needed" tab for forms requiring your response.

Q: Can I view previous versions of my submissions?

A: Yes! The submissions table in "My Submissions" shows all versions with version numbers and dates. Click "View" on any submission to see its complete details, including the feedback provided by your coordinator.

Q: What if I'm unsure about a risk assessment?

A: Contact your coordinator for guidance. They can provide examples from other educators and help you assess risks appropriately. It's better to ask for help than to submit an incomplete or incorrect risk assessment. Your coordinator wants to support you through this process.

Q: Do I need to include my personal phone if I use it for the service?

A: Yes, if you use any personal device within the approved service area in your home, it should be included in your RADAR assessment. Be honest about personal use and describe the security measures you have in place.

Q: How long does coordinator approval take?

A: This varies by service, but typically coordinators review submissions within 3-5 business days. If it's been longer, check in with your coordinator. During busy periods (like when many educators are completing annual reviews), it may take a bit longer.

Q: How many risk assessments should I include?

A: At minimum, include four thorough risk assessment. Examples include:

  • Photo/video capture and sharing
  • Storing enrolment and health records on personal devices
  • Communication with families
  • Data backup and storage
  • Use of apps or online platforms

Q: What serial number do I use for a shared family device?

A: Use the actual device serial number. In the "Other People Access" field, indicate that it's a shared family device and list who has access. Then describe additional security measures you've implemented to protect service-related data on a shared device.

Need Help?

If you have questions about completing your RADAR assessment or need clarification on any section:

  1. Contact Your Coordinator: They can provide specific guidance for your service
  2. Review Examples: Ask your coordinator if they have sample assessments you can reference
  3. Check Your Dashboard: Look for notification messages or announcements about RADAR requirements

Remember, the RADAR assessment is designed to help you maintain safe technology practices. It's a tool to support you, not a test. Be honest and thorough, and don't hesitate to seek help when needed.