DBS CODE: 3520.11 DBS CODE: 3520.11Business and Non-Instructional Operations
Electronic Information Security -
The objective of electronic information security is to ensure business continuity and minimize business damage by preventing, controlling and minimizing the impact of security breaches. The purpose of this policy is to protect the Somers Public School system's electronic information resources from threats, whether internal or external, deliberate or accidental. Electronic information resources are defined as all District computer equipment, including any desktop or laptop computers and all hardware owned or leased by the school system; the District's computer network, and any computer software licensed to the District; and stored data. This policy shall apply to all users, whether or not affiliated with the District, of District electronic information resources as well as to all uses of those resources, wherever located.
The School System will maintain access management processes to ensure that appropriate access will be afforded to electronic information resources.
Availability of the electronic information infrastructure is crucial to the continued effectiveness of the Somers Public Schools. The District will develop and implement procedures in accordance with prevailing industry standards and applicable federal and state law to manage environmental, developmental and disaster recovery requirements.
The District will educate all users regarding acceptable use and proper security procedures for electronic information resources.
The District will manage electronic information resources in accordance with applicable federal and state law and regulations, including laws regarding the confidentiality of student and personnel information and access to public records.
(cf. 3520.1 - Information Security Breach and Notification)
Legal Reference: Connecticut General Statutes
1-19(b)(11) Access to public records. Exempt records.
7-109 Destruction of documents.
10-15b Access of parent or guardians to student's records.
10-209 Records not to be public.
11-8a Retention, destruction and transfer of documents
11-8b Transfer or disposal of public records. State Library Board to adopt regulations.
46b-56 (e) Access to Records of Minors.
Connecticut Public Records Administration Schedule V - Disposition of Education Records (Revised 1983).
Federal Family Educational Rights and Privacy Act of 1974 (section 438 of the General Education Provisions Act, as amended, added by section 513 of P.L. 93-568, codified at 20 U.S.C.1232g.).
Dept. of Educ, 34 C.F.R. Part 99 (May 9, 1980 45 FR 30802) regs. implementing FERPA enacted as part of 438 of General Educ. Provisions Act (20 U.S.C. 1232g) parent and student privacy and other rights with respect to educational records, as amended 11/21/96.
42 U.S.C. 1320d-1320d-8, P.L. 104-191, Health Insurance Portability and Accountability Act of 1996 (HIPAA)
65 Fed. Reg. 503 12-50372
65 Fed. Reg. 92462-82829
63 Fed. Reg. 43242-43280
67 Fed. Reg. 53 182-53273
Policy adopted: May 26, 2015