Policy FEF-District Technology Security
Issue Date: July 19, 2017
Juab School District (JSD) supports secure network systems, including security for all personally identifiable information that is stored on paper or stored digitally on JSD-maintained computers and networks. This policy supports efforts to mitigate threats that may cause harm to the students, or employees in the JSD.
JSD will ensure reasonable efforts will be made to maintain network security. Data loss can be caused by human error, hardware malfunction, natural disaster, security breach, etc., and may not be preventable.
All persons who are granted access to the JSD network and other technology resources are expected to be cautious of suspicious communications and unauthorized use of devices on the network. When an employee or other user becomes aware of suspicious activity, he/she is to immediately contact the network administrator with the relevant information.
This policy and procedure also covers third party vendors/contractors that contain or have access to JSD critically sensitive data. All third party entities will be required to sign the Restriction on Use of Confidential Information Agreement before accessing our systems or receiving information.
It is the policy of JSD to fully conform with all federal and state privacy and data governance laws. Including the Family Educational Rights and privacy Act, 20 U.S. Code §1232g and 34 CFR Part 99 (hereinafter “FERPA”), the Government Records and Management Act U.C.A. §62G-2 (hereinafter “GRAMA”), U.C.A. §53A-1-1401 et seq. and Utah Administrative Code R277-487.
The school board directs the JSD Technology Director to develop procedures to support this policy. Professional development for staff regarding the importance of network security and best practices is to be included in the procedures. The procedures associated with this policy are consistent with guidelines provided by cyber security professionals worldwide and in accordance with Utah Education Network. JSD supports the development, implementation and ongoing improvements for a robust security system of hardware and software that is designed to protect data, users, and electronic assets.