Skip to main content
Create interactive lessons using any digital content including wikis with our free sister product
. Get it on the
Pages and Files
AUP / Online Safety
Conferences / PD
Copyright / Plagiarism
Laptop 1-1 Programs
Members on the Web
Open Source Software
Web 2.0 Tools
Technical Security in an Educational Environment
Seminar at Columbus State University
- Tuesday, April 17, 2007
Summary of notes from Patty Nathan, Steve Wells, Lee Conner and Kathy Bailey.
Theme – IT and technology staff can not be isolated but must work with the administration to set policy for educational and legal issues; technology is not just running servers and teaching. Administrators must be involved with decisions dealing with student confidentiality, fair use policies, curriculum, data access and storage, and, in general, procedures followed by the technology department.
AUP – Acceptable Use Policy
Law passed that all schools must have an AUP as of January 1, 2007
Difficult to prove violations, but can track
Should include statement that by reading the AUP and using the school’s technology equipment you are agreeing to the AUP
Strongly recommend that teachers and staff sign (if discipline or dismissal becomes necessary)
Should explicitly state not to share password and log-in information
Specifically states that the school filters
Specifically states e-mail is the property of the school and subject to the open records laws
Must have a separate Internet Safety Policy including how information is stored, accessed and who can access
Include in employee and student handbooks
Careful with restrictions because of the 1st amendment
Document and Data Retention
Most emails are 'transitory' in nature and needn't be retained
Content of item not format (ie just because it is e-mail) is used to determine which emails are transitory. There are many categories – all on a case by case situation as to how long must be kept.
State of Georgia Retention Schedules
Need written Record Retention Policy clearly stating how long documents including e-mail are kept
E-mails do not have to be kept electronically but can be printed and saved.
FERPA – Family Education Rights Protection Act
Can’t release educational records without parental permission
Parents has full access to child’s records. Written requests recommended.
Records include anything about student in print or electronic including gradebooks, e-mails and online data
Some information kept by special education teachers
Notes kept by counselors and administrators for recall purposes. Notes can
be viewed by other staff members or they become part of the students’ record.
Within strict guidelines, directory information is exempt from records that must be with held:
Name, address, photo, clubs, yearbook OK with parent approval and done in such a way that child cannot be specifically identified.
Can not include any personal or private information that could result in a student be contacted by a third party.
Parents must be given this choice to opt out.
Directory information policy should be in handbooks.
(Public Institutions and Organizations: everything is an open record unless exempt
Private Schools and Businesses: only during court order or legal investigations).
Citizens can access open records and right to copies
Every record received in the course of business day by a public institution is an open record
Emails are property of the institution and are treated as records
Exemptions include teacher evaluations, personal information, personal notes by counselors and administrators for recall purposes
Exemptions are defined in various different places in Georgia Law and include:
Social security numbers
Home address, phone number
Law enforcement addresses and phone number
Directory Information is an open record (Which has implications as to what can be posted on the Internet. (See FERPA and CIPA)
Records retention policy needs to be defined
CIPA – Children’s Internet Protection Act
Requires monitoring of student access
School is responsible for what happens to student or what the student might do to someone else while using school technology
Restricts student access to private mail accounts while at school since can’t screen content
Video: Each project requires a note to parents with option for parent to say decline their child being in front of the camera. Should clearly state where the video will be posted and how it will be distributed. Should include the phrase, “As with any electronic media, the possibility exist for a wider, unsanctioned distribution.” (At Paideia, a class video found its way to YouTube.)
Discovery process – don’t need all evidence to sue
Documents asked for are required with some limitations; some filtering OK
A good attorney will ask lots of information about a school’s technology network, servers, data format and retention to aid him/her in the discovery process. Will want to know what work documents, e-mail, photos and other items are retained, in what format, how they can be accessed and how they can be searched
Has to be explained at the most simplistic level
Search limited to what is
accessible. i.e. Don’t have to keep old servers with dated programs so old files can be viewed
Set up search system that makes access easy. (Be able to search all computers on a network from a server instead of having to go to individual stations. One public school set their mail software to download mail to each individual’s computer when mail was accessed instead of retaining mail on server. It saved server space but during a lawsuit, someone from technology had to physically visit every computer that might have received or received a response from each message.)
help on how to format text
Turn off "Getting Started"