Data Security & Info
We take our data very seriously. This includes all data including students, parents, and staff's information. Our PandaTechTeam works hard to review all software contracts and purchases to verify the companies meet our high expectations.
We've implemented the following to keep our data safe:
- Data Governance (within Microsoft 365) helps our PandaTechTeam protect sensitive documents from leaving our organization.
- Review of all Software contracts to determine what data they need and to verify they do not sell our data to others.
- Threat Management to protect against cyber attacks, email phishing, malware, and much more.
- We control how and where our data is stored, used, and retained per all laws and compliance.
- We take HIPPA, FERPA, CIPA, SOPPA, and COPPA compliance very seriously.
Firewall and Internet Filter:
Our firewall protects our data by blocking malware, viruses, and other negative things that impact schools, businesses, and organizations daily. Our firewall also has a strong content filter that protects our students and staff from a variety of website categories as recommended by CIPA (Children’s Internet Protection Act). CIPA was created by the FCC to create guidelines to schools and libraries for Internet Safety. Arbor Park School District 145 is compliant with CIPA and does accept E-Rate funding which allows us to improve our network infrastructure and Internet speeds throughout our district. Our PandaTechTeam has gone above and beyond CIPA recommendations to make sure our kids are safe while on any device (iPad,Chromebook, Laptop, Computer) in our district.Information about the compliance District 145 is required to meet:
SOPPA
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85). APSD145 has worked hard over the last year becoming compliant with all of our software and application providors. To see a full list of approved and not approved software/apps, please visit our information posted on the SDPC Resource Registry website: Arbor Park School District SDPC Listing.
CIPA
The Children's Internet Protection Act (CIPA) was enacted by Congress in 2000 to address concerns about children's access to obscene or harmful content over the Internet. CIPA imposes certain requirements on schools or libraries that receive discounts for Internet access or internal connections through the E-rate program – a program that makes certain communications services and products more affordable for eligible schools and libraries. In early 2001, the FCC issued rules implementing CIPA and provided updates to those rules in 2011.
What CIPA requires
Schools and libraries subject to CIPA may not receive the discounts offered by the E-rate program unless they certify that they have an Internet safety policy that includes technology protection measures. The protection measures must block or filter Internet access to pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors). Before adopting this Internet safety policy, schools and libraries must provide reasonable notice and hold at least one public hearing or meeting to address the proposal.
Schools subject to CIPA have two additional certification requirements: 1) their Internet safety policies must include monitoring the online activities of minors; and 2) as required by the Protecting Children in the 21st Century Act, they must provide for educating minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms, and cyberbullying awareness and response.
Schools and libraries subject to CIPA are required to adopt and implement an Internet safety policy addressing:
- Access by minors to inappropriate matter on the Internet;
- The safety and security of minors when using electronic mail, chat rooms and other forms of direct electronic communications;
- Unauthorized access, including so-called “hacking,” and other unlawful activities by minors online;
- Unauthorized disclosure, use, and dissemination of personal information regarding minors; and
- Measures restricting minors' access to materials harmful to them.
Schools and libraries must certify they are in compliance with CIPA before they can receive E-rate funding.
- CIPA does not apply to schools and libraries receiving discounts only for telecommunications service only;
- An authorized person may disable the blocking or filtering measure during use by an adult to enable access for bona fide research or other lawful purposes.
- CIPA does not require the tracking of Internet use by minors or adults.
To find out more information on the Children’s Internet Protection Act (CIPA), please visit:
https://www.fcc.gov/consumers/guides/childrens-internet-protection-act.
COPPA
RULE SUMMARY:
COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
To find out more information on the Children’s Online Privacy Protection Rule (COPPA), please visit:
https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule
FERPA
The Family Educational Rights and Privacy Act (FERPA) is a federal law that affords parents the right to have access to their children’s education records, the right to seek to have the records amended, and the right to have some control over the disclosure of personally identifiable information from the education records. When a student turns 18 years old, or enters a post secondary institution at any age, the rights under FERPA transfer from the parents to the student (“eligible student”). The FERPA statute is found at 20 U.S.C. § 1232g and the FERPA regulations are found at 34 CFR Part 99.
District 145 FERPA Statement (PDF)
Our PandaTechTeam follows all best practices for protecting student data including data destruction, training, and data security checklists.
To find out more information on the Family Educational Rights and Privacy Act (FERPA), please visit:
https://studentprivacy.ed.gov/?src=fpco
All of our data within Microsoft (OneDrive, Teams, Sharepoint, etc.) is housed on servers in North America. This is one more step to keep our data safe!