Technology Use and Student Data Privacy
Data Governance and Privacy
SAU29 and its School Districts recognize the value and importance of a wide range of technologies for a well-rounded education, enhancing the educational opportunities and achievement of students. We provide faculty, staff, and administration access to technology devices, software systems, network and Internet services to support research and education. All components of technology must be used in ways that are legal, respectful of the rights of others, protective of juveniles and that promote the educational objectives of SAU29 and its Schools.
To that end, the SAU29 and its School Districts must collect, create and store confidential information. Accurately maintaining and protecting this data is important for efficient district operations, compliance with laws mandating confidentiality, and maintaining the trust of all district stakeholders. All persons who have access to district data are required to follow state and federal law, district policies and procedures, and other rules created to protect the information.
It is the policy of New Hampshire School Administrative Unit 29 and its School Districts that data or information in all its forms, written, electronic, or printed, is protected from accidental or intentional unauthorized modification, destruction or disclosure throughout its life cycle. SAU29 and its School Districts have a responsibility to ensure that data and privacy for students and staff is adequately protected while using any technology.
Federal and State Laws that Impact Technology Use for Students and Staff
SAU29 and its School Districts complies with or exceeds the NH Minimum Standards for Privacy and Security of Student and Employee Data approved in 2019.
SAU29 and its School Districts comply with all other applicable regulatory acts including but not limited to the following:
- Children’s Internet Protection Act (CIPA)
- Children’s Online Privacy Protection Act (COPPA)
- Family Educational Rights and Privacy Act (FERPA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry Data Security Standard (PCI DSS)
- Protection of Pupil Rights Amendment (PPRA)
- Individuals with Disabilities in Education Act (IDEA)
New Hampshire State RSA - Student and Teacher Information Protection and Privacy
- NH RSA 189:65 Definitions
- NH RSA 189:66 Data Inventory and Policies Publication
- NH RSA 189:67 Limits on Disclosure of Information
- NH 189:68 Student Privacy
- NH RSA 189:68-a - Student Online Personal Information
New Hampshire State RSA - Right to Privacy:
- NH RSA 359-C:19 - Notice of Security Breach Definitions
- NH RSA 359-C:20 - Notice of Security Breach Required
- NH RSA 359-C:21 - Notice of Security Breach Violation
User Compliance
A consistently high level of personal responsibility is expected of all users granted access to the technology resources of SAU29 and the School Districts of SAU29. Any violation of SAU29, and its School Districts, policies or procedures regarding technology usage may result in temporary, long‐term or permanent suspension of user privileges.
This applies to all users of SAU29 and its School Districts information including: staff, students, volunteers, and authorized contractors or agents for SAU29 and its School Districts. All users are to maintain compliance with Board Policies and administrative procedures from SAU29 and it's School Districts.
Things to Remember When Writing Grants for Technology or Purchasing Apps
Before purchasing or creating a grant to purchase any technology you must submit a work order with specifics regarding the technology you are looking to purchase:
- Developer of the technology
- Website for the technology being requested
- Contact information for the developer
- Any digital resources (websites, apps, programs, etc.) required for using the technology being requested
Once we receive the request we will vett it for privacy and check the technology to make sure it fits within SAU29's infrastructure.