Employee & Student use of District Information TechnologyThe purpose of this regulation is to ensure that students and staff utilize network and computing resources offered by the District in a safe and effective manner. This AR replaces the following two forms: BP 3523-E, Employee Terms and Conditions for Responsible Use of MSBSD IT and BP 6161.4-S Student Terms and Conditions for Responsible use of MSBSD IT Resources.
Section 1. GeneralThe Mat-Su Borough School District recognizes technology as a productivity enhancement tool. Employee and student use of District information technology is a privilege, not a right, and is authorized only for work or education related purposes. Employee and student use of District information technology shall be in accordance with this regulation, in accordance with governing law, and in accordance with other relevant District policies, regulations, and procedures. By using District computers and/or networks, employees and students acknowledge the terms and conditions governing their use of District information technology.Employee and student access to District information technology may be suspended at any time if it is in the District’s best interest to do so, as determined by the District in its sole discretion. The District reserves the right to set and revise limits on employee and student network bandwidth usage and email and file storage on District computers. Employee access to District information technology shall be terminated when the employee ceases to be employed by the District./div>As used in this policy, the term District information technology includes, but is not limited to, District computers, personal communications devices (PCDs), email, Internet access, cloud resources, and social media and social networking sites. As used in this policy, the term computer includes, but is not limited to, as applicable, all District computers, computer systems, networks, computer hardware, associated peripheral equipment, and software purchased or developed by the District. As used in this policy, the term personal communication device (PCD) includes, but is not limited to, all District cell phones, cameras, audio/visual players, and any other hand-held electronic communication, computing, and data storage devices.
Section 2. PrivacyBecause all employee and student communications, including email, and all related documents, data, software, and other information stored on District computers and/or on PCDs are authorized only for work and education related purposes, employees and students shall have no expectation of privacy with respect to their use of District information technology. The District reserves the right to monitor, inspect, copy, review, and/or remove files. Accessing another employee’s or student’s files is to only be done with the proper authorization and/or pursuant to assigned duties.
Section 3. Security and Password GuidelinesNetwork accounts are to be used only by the authorized owner of the account for the authorized purpose. Computers or other devices which access District data shall not be left unattended without logging out or locking access to the user’s account. Employees that are issued portable devices shall ensure they are not left in areas where they can be easily taken or used without authorization.Passwords are the primary form of user authentication used to grant access to District information systems. To ensure that passwords provide as much security as possible they must be carefully created and used. The following password requirements listed in this section apply to all District employees. At this time, students are not required to comply with these password requirements, however they are encouraged to maintain a strong password. Passwords must be constructed according to set length and complexity requirements. As such passwords must be at least 8 characters in length and must include upper and lower case characters and at least one number. Passwords will have a maximum lifespan. As such, passwords must be replaced every 180 days. Passwords may not be reused any more frequently than every 5 password refreshes. Reuse includes the use of the exact same password or the use of the same root password with appended or pre-pended sequential characters. Additionally, passwords may not contain common words such as: password, test, guest, MSBSD, or MatSu.Employees can set up security questions at https://pw.matsuk12.us. This site will allow a user to select four security questions, and utilize these questions to reset their password in the event they cannot remember their password without having to call the CallCenter. Passwords are to be individually owned and kept confidential and are not to be shared with others. The District strongly encourages the use of pass phrases to assist in remembering passwords. For example, think of a sentence that you can remember. This will be the basis of your password. Use a memorable sentence, such as "Mysonisthree". Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider capitalizing the word SON or substituting the word "three" for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. If you prefer, you can also substitute some special characters. You can use symbols that look like letters, combine words and other ways to make the password more complex but still easy for you to remember.
Section 4. EmailBecause of the versatility and ubiquity of email technology, the District recognizes and has established the use of email as an official means of District communication. When using District email, employees and students shall:
- Keep all messages as private as possible. The District and its email administrators shall not read email unless necessary while performing their job duties, including investigation of inappropriate content or as directed by the Executive Director of Human Resources.
- Not send or forward email through a District system or network for purposes that violate District policy or for an illegal or criminal purpose.
- Use only an official District email account to conduct official District business. The use of personal email accounts to conduct District business or to represent oneself or one’s enterprises on behalf of the District is prohibited.
- Not send or forward nuisance email or other online messages such as chain letters or obscene, harassing, offensive, or other unwelcome messages. Such email shall be reported immediately to the appropriate District administrator.
- Not send or forward confidential and/or sensitive information (e.g., information containing Social Security numbers, credit card information, medical records, etc.). If using email, such information should be sent only as an attached password-protected and/or encrypted file.
- Contain genuine sender information (i.e., from whom and from where the message originated). Users shall not impersonate other users or user groups, real or fabricated, by modifying email header information in an effort to deceive recipients. Email spoofing is strictly prohibited.
- Not send or forward potentially damaging email messages (e.g., unsolicited, mass, or commercial messages and/or messages appearing to contain viruses) to intentionally disrupt District operations. In order to prevent the spread of these types of email messages, the District reserves the right to terminate its connection to outside host servers, as well as filter, refuse, and/or discard these messages.
Section 5. Responsibilities Regarding Student Internet UseDistrict employees responsible for classes, programs, or activities involving student Internet access shall instruct the students, prior to allowing such access, about Internet safety and appropriate online behavior, including cyberbullying awareness and response and interacting with other individuals on social networking sites, chat rooms, etc. District employees responsible for classes, programs, or activities involving student Internet access shall also assist the students in developing skills to discriminate among information sources, to identify information appropriate to their age and developmental levels, and to search, evaluate, and use information appropriate to their educational goals. In addition, employees shall monitor online activities of minors, protect minors from visual depictions considered to be obscene and/or child pornography, or with respect to use of District information technology by minors, considered to be harmful to them.
Section 6. Hardware, Peripherals, Software, and ProgramsEmployees have the ability to connect and install devices and software on District computers. The District strongly encourages employees to check with the IT Department if there is any uncertainty about a device or software application prior to connecting or installing it onto a District device. Employees and students shall not connect or otherwise attach any network switching, routing or storage device (including but not limited to switches, routers, network hubs, access points, and network attached storage devices) unless expressly authorized to do so by the appropriate District technology official. Personally owned 3D printers are not authorized to be installed or used in the District without prior approval from the IT Department. Employee installed software must be for work or education related purposes only and shall not cause disruption in the network. It is also the employee’s responsibility to ensure installation does not violate the license agreement for the software.
Section 7. ConfidentialityEmployees shall maintain the confidentiality of all student education records and personally identifiable information developed, sent, received, and/or stored through the use of District information technology as required under the Family Educational Rights and Privacy Act (FERPA), Alaska Public Records Act (APRA), and all applicable District policies, regulations, and procedures. Employees shall also maintain the confidentiality of all personnel file information developed, sent, received, and/or stored through the use of District information technology as required under the Alaska Public Records Act (APRA) and all applicable District policies, regulations, and procedures.Confidential student and personnel information shall be stored only on District computers. Such confidential information shall not be stored on an employee’s or student’s personally owned computer, PCD, or electronic storage device. Such confidential information shall not be stored on any electronic transmission or storage technology owned, controlled, or operated by a third party. Employees are subject to rules established by designated District personnel governing the types of student, employee, and volunteer information that may not be downloaded onto District laptop computers, PCDs, and other portable technology.Employees shall ensure confidential student and personnel information is disclosed only to persons and organizations outside the District as authorized by law and by District policies and regulations. Such confidential information may be disclosed within the District only to officials having a legitimate educational or supervisory interest in it. Toward these ends, it is imperative employees use District information technology correctly and carefully to protect against unauthorized disclosure of confidential student and personnel information.Electronic student education records are subject to inspection by a student’s parent/guardian and by other persons and organizations as provided under the Family Education Rights and Privacy Act (FERPA) and applicable District policies, regulations, and procedures.
Section 8. Protecting Data and SystemsAll employees and students will do their best to ensure all software or data is virus-free before it is installed or loaded on a District computer system. Any detection of a software virus will be reported immediately to the IT Department. Lastly, employees are strongly encouraged to store their data on a network file share as opposed to a computer. Data on network file shares are backed up and protected by the IT Department and thus reduces the potential for lost, stolen or otherwise compromised data.
Section 9. Online AssessmentsStudent assessments may be conducted using District technologies such as the Internet or audience response systems. Normally, students will use these technologies as part of their instructional day. Privacy and security, as defined above, along with confidentiality of assessment responses, are expected.
Section 10. VandalismAny intentional act by a student that damages District technology hardware, software, operating systems, and/or data shall be considered vandalism and shall be subject to school rules and disciplinary procedures. Any intentional act requiring a person’s time to repair, replace, or perform corrective work on District technologies or data shall also be considered vandalism.
Section 11. Prohibited UsesEmployees shall not use District information technology to generate, send, receive, or store communications, documents, data, software, or other information:
- Containing sexually oriented content or pornography, in either written or visual form, that may be reasonably perceived as having the purpose or effect of stimulating erotic feelings or appealing to prurient interests;
- Directing profanity, obscenities, or vulgar language toward another person or classification of persons;
- Promoting violence or advocating unlawful acts;
- Concerning the purchase or manufacture of weapons, controlled substances, or items unlawful to acquire and/or own;
- Harassing, threatening, or promoting violence against another person or classification of persons;
- Concerning the commercial purchase or sale of goods and/or services, or any commercial transaction or advertising related to the employee’s personal interests or profit;
- Constituting plagiarism;
- Defaming another person or classification of persons;
- Violating another person’s confidentiality, or disclosing information about which another person has a reasonable expectation of privacy;
- Involving impersonation or electronic transmission through an anonymous remailer;
- Involving unauthorized access to District computers, computer files, email accounts, email files, or Internet sites, including social media;
- Involving unauthorized use or downloading of software, files, or data;
- Violating federal, state, and/or local laws, including but not limited to criminal law and trademark, copyright, or patent law
- Violating District policies, regulations, and/or procedures;
- Interfering with the normal operation or use of District computers, email, or Internet access, or otherwise disrupting District operations;
- Interfering with a school’s ability to provide educational opportunities to students.
Section 12. Consequences for Policy ViolationEmployee: Any employee who violates this regulation and/or corresponding policies and procedures may have their system access privileges suspended and shall be subject to discipline up to and including termination of employment.Student: Misuse of personal or District technology resources while on or near school property, in school vehicles, and/or at school-sponsored activities, as well as the use of District technology resources via off-campus remote access, shall result in loss of computer privileges, may result in disciplinary action up to and including expulsion, and/or may lead to possible legal referral. Misuse is defined as any malicious attempt to physically deface, disable, or destroy computers, peripherals, or other network hardware; to harm or destroy data of another user or any other agencies or networks that are connected to the system; to gain access or attempt to gain access to unauthorized systems; or to access inappropriate materials from school or District computers. Attempts to bypass the District’s internet filtering software is prohibited. Student use of District technologies may be suspended or restricted at any time with or without cause. Furthermore, intentional unauthorized access and/or damage to networks, servers, user accounts, passwords, or other District resources may be punishable under local, state, and/or federal law. A school may temporarily hold, pending parental or same-day pickup, personal technology resources that are used inappropriately. Individual schools may choose to implement additional rules and regulations pertaining to the use of personal, networked communications resources in their buildings.
Section 13. Reliability and Limitation of LiabilityThe District makes no warranties of any kind, expressed or implied, for the technology resources it provides to students. The District shall not be responsible for any damages suffered by the student, including those arising from non-deliveries, misdeliveries, service interruptions, unauthorized use, loss of data, and/or exposure to potentially harmful or inappropriate material or people. Use of any information obtained via the Internet or via District communications technologies is at the student’s own risk. The District specifically denies any responsibility for the accuracy or quality of information obtained through the Internet, including social media and social networking sites. The student and his or her parent/guardian shall indemnify and hold the District harmless from any losses sustained as the result of misuse by the student of the District’s technology resources.
Section 14. Account Deletion PolicyStudent data will be retained based on their withdrawal date from an MSBSD school. The student account will become inactive 60 days after this date and will be deleted 90 days after this date. This will include access to their network folder and access to instruction software applications (to include, but not limited to, Google Docs, etc).Employee data will be retained based on their separation date from MSBSD. The employee account will become inactive 60 days after this date and will be deleted 1 year after this date. This will include access to email, network folder, and access to instruction software applications (to include, but not limited to, Google Docs, etc).All employee emails are retained in a mail archiving appliance that will allow them to search and find old emails. These emails will be stored in this system for 5 years back from the date received in the system. Any emails older than 5 years from the date of receipt will be permanently destroyed.Employees are required to ensure they meet State and district records retention policies for general correspondence by ensuring records are not stored in a location unique to an individual user account. This includes but is not limited to original incoming and copies of outgoing letters and memoranda related to the general administration and operation of the agency, staff reports, endorsements, conference/training notes, conflict of interest statements, financial disclosure forms, confidentiality statements, inventories/logs, studies, policies & procedures, forms and templates that are classified as records. Additionally, this deletion policy does not pertain to records that document the official affairs of the superintendent concerning teachers, students, and schools located in the district.
Last Modified on December 28, 2018
I'm Looking For...