FERPA & Student Data Communication Systems

Similar documents
Computer Use and File Sharing Policy

Violations of any portion of this policy may be subject to disciplinary action up to and including termination of employment.

REGULATION BOARD OF EDUCATION FRANKLIN BOROUGH

Acceptable Use Policy

Acceptable Use Policy

DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY

ACCEPTABLE USE OF HCHD INTERNET AND SYSTEM

Internet, , and Computer Usage Policy

Acceptable Use Policy

Communication and Usage of Internet and Policy

Acceptable Use Policy

Internet, , Social Networking, Mobile Device, and Electronic Communication Policy

Acceptable Use Policy

Northern Virginia Community College Social Media Guidelines

TITLE SOCIAL MEDIA AND COLLABORATION POLICY

Effective security is a team effort involving the participation and support of everyone who handles Company information and information systems.

The Lee Wiggins Childcare Centre E-SAFETY, PHOTOGRAPHY and VIDEO POLICY

Staff Information System Acceptable Use Policy

Electronic Network Acceptable Use Policy

BERKELEY COLLEGE Social Media Policy

POLICY BURLINGTON TOWNSHIP BOARD OF EDUCATION. PROGRAM 2361/page 1 of 8 Acceptable Use of Computer Network/Computers and Resources M

II.C.4. Policy: Southeastern Technical College Computer Use

Acceptable Use Policy

ICT Acceptable Use Policy for Students

Security and Privacy Breach Notification

University Policies and Procedures ELECTRONIC MAIL POLICY

GENERAL ORDER PORT WASHINGTON POLICE DEPARTMENT

Employee Security Awareness Training Program

region16.net Acceptable Use Policy ( AUP )

Jacksonville State University Acceptable Use Policy 1. Overview 2. Purpose 3. Scope

TERMS OF USE Terms You Your CMT Underlying Agreement CMT Network Subscribers Services Workforce User Authorization to Access and Use Services.

Corporate Policy. Revision Change Date Originator Description Rev Erick Edstrom Initial

Cleveland State University General Policy for University Information and Technology Resources

Sample BYOD Policy. Copyright 2015, PWW Media, Inc. All Rights Reserved. Duplication, Reproduction or Distribution by Any Means Prohibited.

Healthfirst Website Privacy Policy

Acceptable Use Policy

13. Acceptable Use Policy

Acceptable Use Policy (AUP)

TERMS & CONDITIONS PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE SITE

ELECTRONIC MAIL POLICY

Wireless Communication Device Policy Policy No September 2, Standard. Practice

Writer Corporation. Data Protection Policy

The University of Central Florida Alumni Privacy Policy and Terms and Conditions

Brazosport Independent School District Employee/Agent Acceptable Use Agreement For Internet/Network Access and Use

Community Guidelines and User Agreement

Magna5 reserves the right to make modifications to this policy at any time.

USER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.

Horry County IT /GIS Policy Acce table Use Com uter S stems

Name of Policy: Computer Use Policy

ACCEPTABLE USE POLICY

Page 1 of 5. Policy Number Policy Title

Roche Directive on the Use of Roche Electronic Communication Tools

ELECTRONIC COMMUNICATION AND DATA MANAGEMENT

ADMINISTRATIVE POLICY NO ISSUING MUNICIPAL EQUIPMENT (Computer, Lap Tops, Notebooks, ipads)

FreedomNet Solutions Acceptable Use Policy ( )

Dumas ISD. Acceptable Use Policy

Ashford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION

HIPAA. Developed by The University of Texas at Dallas Callier Center for Communication Disorders

Commonwealth of Pennsylvania Governor's Office

Community Use Agreement

Acceptable Use and Publishing Policy

ACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010

ORGANIZEFOR PETITION PLATFORM ColorOfChange MOVEMENT-BUILDING PARTNERSHIP PROGRAM TERMS OF SERVICE

Acceptable Use Policy

OHSU s Alumni Relations Program (housed at the OHSU Foundation): 1121 SW Salmon Street, Suite #100 Portland, OR

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

Information Technology Acceptable Use Policy

Acceptable Use Policy (AUP) For ALL Technology Items, , and Wireless Devices within Hubbard ISD

2.1 Website means operated and owned by UCS Technology Services, including any page, part of element thereof;

Service Specific Terms & Conditions

UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES

EMPLOYEE USE OF TECHNOLOGY AGREEMENT

Remote Access Policy

HIPAA FOR BROKERS. revised 10/17

Computer, Communication, and Network Technology Acceptable Use

Itasca County Technology Policy

Acceptable Usage Policy (Student)

WARNER PACIFIC COLLEGE

COUNTY OF RIVERSIDE, CALIFORNIA BOARD OF SUPERVISORS POLICY. ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9

UTAH VALLEY UNIVERSITY Policies and Procedures

SPRING-FORD AREA SCHOOL DISTRICT

Cell Phone Policy. 1. Purpose: Establish a policy for cell phone use and compensation allowance.

The John Fisher School ICT Policy

ASSESSMENT CENTER TERMS AND CONDITIONS. Last Updated 1/21/2011

Breckenridge Financial Supplies Website Use Policy

Synchrotron Light Source Australia Pty Ltd

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES

CALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS

PCA Staff guide: Information Security Code of Practice (ISCoP)

Peaceful Pill Forum Rules

Virginia Commonwealth University School of Medicine Information Security Standard

Acceptable Use Policy

LifeWays Operating Procedures

PURPOSE: To establish policies and procedures for the use of University-owned and -operated information technology resources.

Acceptable Use Policy

NOOTRY TERMS OF SERVICE

4-H Youth Development Program Website Guidelines

PRIVACY POLICY. Personal Information Our Company Collects and How It Is Used

HIPAA and HIPAA Compliance with PHI/PII in Research

Springfield, Illinois Police Department

Transcription:

FERPA & Student Data Ellevation is subject to the Family Educational Rights and Privacy Act (FERPA) as operating under the "school official" exception, wherein student directory and PII (Personal Identifying Information) may be provided to third parties (such as Ellevation) if the third party: Performs an institutional service or function for which the school or district would otherwise use its own employees; Has been determined to meet the criteria set forth in the school s or district s annual notification of FERPA rights for being a school official with a legitimate educational interest in the educational records; Is under the direct control of the school or district with regard to the use of maintenance of education records; and Uses education records only for authorized purposes and may not re-disclose PII from educational records to other parties (unless the provider has specific authorization from the school or district to do so and it is otherwise permitted by FERPA). As such, the following best practices regarding the handling of student data are required of all employees: Employ the rule of minimum access/data necessary to complete the responsibilities of your role; Never transmit PII via unencrypted means (plain email, unencrypted USB drives, unsecured websites, FTP); Never release student data to unauthorized parties; Use only approved, secure systems and tools to access, send, receive or manipulate student data; Destroy student data files (physical and electronic) immediately once they are no longer needed; Attend and complete all company information security and FERPA-related training. Communication Systems The use of all Ellevation electronic devices and network systems, including phones and voice mail, computers, the internet and email; company issued handheld communication devices, mobile or cell phones and faxing systems, are intended for Ellevation business use only and are Ellevation property. Employees use of these devices and systems for personal reasons must be kept to a minimum, and must not violate any laws or company policies. Electronic communication to an external party is not allowed on any Ellevation computer or network except for company business purposes or during an approved

break periods. All information transmitted, received, or stored using Ellevation networks and systems is the property of Ellevation and must be treated as confidential. Employees are not permitted to access, copy, store, or read any information from these systems without authorization. Electronic communications may not be forwarded outside or to any non-ellevation email address(es). Monitoring and No Expectation of Privacy Ellevation team management reserves the right to monitor its systems and the content, including all emails and internet sites visited, to the extent permitted under applicable state and federal law. Ellevation may conduct such monitoring without notice and reserves the right to review such information at any time. Any information transmitted through or stored in Ellevation s computer or electronic systems should not be considered to be private. Even information deleted from Ellevation s systems can still be retrieved or recovered. No employee should expect that any use of Ellevation s systems is private. We reserve the right to monitor, access, and read any information stored on Ellevation s systems, with or without notice, and whether or not such materials may be password protected. We will review Internet activity and analyze usage patterns, and we may choose to act accordingly to insure that Ellevation s resources are devoted to maintaining the highest levels of productivity. As such, you should not use Ellevation systems for anything you would not want the company to know about. All email, data, files, or other electronic records on the Ellevation systems are subject to review by the company. All documents and electronic files on the Ellevation systems are the property of Ellevation and not of the employee. Confidential Information Documents with sensitive, proprietary, or confidential information should be protected by a password. In addition, employees will only allow Ellevation s assigned information technology employee, team manager, the Company s CEO, or People Operations employees to access the password to confidential documents. Employees may not add encryption keys to the systems without express authorization from their manager or Information Security Director. Employees are prohibited to access pornography or other offensive sites; gambling sites; illicit "dark web" sites; steal or review others confidential computer files; or attempt to damage Ellevation systems or computers. Ellevation reserves the right to restrict access to certain sites either through content filtering or written notice. Prohibited Uses Ellevation employees cannot post anything online that circumvents policies prohibiting unlawful discrimination against current employees or Ellevation applicants. Transmitting,

retrieving, or storing communications or materials of a harassing nature, that contain derogatory or inflammatory remarks about an individual s race, sexual orientation, age, disability, religion, national origin, or physical attributes shall be transmitted. No abusive, profane, or offensive language, nor any violent, sexually explicit, or obscene materials are to be transmitted through Ellevation s electronic systems. Ellevation s systems may not be used for any other purpose which is disruptive, illegal, or against Ellevation s policy or contrary to its best interests. Solicitation of non-ellevation business or any use of Ellevation s systems for personal gain is prohibited, unless authorized by Ellevation. Employees may have reasonable access to social media sites for business activity and/or personal activities at the office over the company s systems. Ellevation authorizes occasional use so long as it does not interfere with the employee s work activities or productivity. Violations Employees should immediately notify their supervisor or manager of any violations of this policy. Any employee who violates this policy or otherwise abuses the privilege of Ellevation s systems will be subject to corrective action up to and including termination. If necessary, Ellevation also reserves the right to advise appropriate legal officials of any violations of the law. Social Media Communications Additionally, employees are personally responsible for anything they communicate on social media. If an employee discloses that they work for Ellevation, unless specifically authorized, the employee must add a disclaimer that views do not represent those of Ellevation. Any employee who violates this policy may be subject to discipline or possible termination with Ellevation. Network Security Computer software that is installed on Ellevation systems may not be downloaded, copied, reproduced, altered or used by a employee without prior authorization, unless it is legal and necessary to perform a employee s job responsibilities. Any violation of copyright laws may result in discharge from the company. Ellevation will cooperate with software vendors and government officials in prosecuting cases of copyright violation. Use of any pirated or bootleg software is not allowed on Ellevation systems. The use of personal data or software also is not allowed on Ellevation systems without prior authorization. To avoid creating a network security risk, employees are not allowed to use their personal computers/laptops, tablets, email, phones, printers or any other technology device in connection with any Ellevation system or computer without prior authorization.

Ellevation also will not be responsible for any lost, stolen or damaged personal property, including electronic property. Failure to follow this policy may result disciplinary action up to and including termination. All Systems must be kept in working order and any repair and cleaning of computer systems due to negligence may be charged to the employee. Personal Smartphone Policy (aka Bring Your Own Device - BYOD) We know employees want easy access to connect to email and other work systems and tend to use their own mobile smartphone to do so. If you would like to elect to use your own mobile smartphone to access Ellevation email or other systems, please refer to Ellevation's "Smartphone Information Security Policy & Liability Waiver". Conducting company business or accessing company data from your personal device without the appropriate approval, compliance software install & configured, and liability waiver on file is expressly forbidden. Social Media Ellevation respects the right of any employee to maintain a blog or web page or to participate in a social networking, Twitter or similar site, including but not limited to Facebook and LinkedIn. However, to protect Company interests and ensure employees focus on their job duties, employees must adhere to the following rules: All rules regarding confidential and proprietary business information apply in full to blogs, web pages, social networking, Twitter and similar sites. Any information that cannot be disclosed through a conversation, a note or an e-mail also cannot be disclosed in a blog, web page, social networking, Twitter or similar site. Whether an employee is posting something on their own blog, web page, social networking, Twitter or similar site or on someone else's, if the employee mentions the Company and also expresses either a political opinion or an opinion regarding the Company's actions, the poster must include a disclaimer. The poster should specifically state that the opinion expressed is their personal opinion and not the Company's position. This is necessary to preserve the Company's goodwill in the marketplace. Any conduct that is impermissible under the law if expressed in any other form or forum is impermissible if expressed through a blog, web page, social networking, Twitter or similar site. For example, posted material that is discriminatory, obscene, defamatory, libelous or threatening is forbidden. Company policies apply equally to employee social media usage.

Ellevation encourages all employees to keep in mind the speed and manner in which information posted on a blog, web page, and/or social networking site is received and often misunderstood by readers. Employees must use their best judgment when using these forms of media. Employees with any questions should review the guidelines above and/or consult with their manager. Failure to follow these guidelines may result in discipline, up to and including termination. Employees should be careful to avoid unintentional disclosure of proprietary or other confidential information before posting or disseminating photographs or videos taken within the office or at other company-sponsored events. You must comply with requests by the company to remove postings containing proprietary company information and do soas soon as is practicable. This includes, but is not limited to, photographs, programming code snippets, sales information, business news, and partner contract information. Gifts Employees may not accept gifts or entertainment exceeding $500 in value, or any personal loans, from customers, suppliers, volunteers, competitors or potential competitors, without the express approval of his or her manager or supervisor. Employees who are unsure as to whether a third party falls under these categories are encouraged to ask their supervisor or another member of management before accepting any such gift.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback