Data Governance

The Board of Education of Ogden School District recognizes its moral and legal responsibility to protect student privacy and ensure data security (student and staff data). Utah’s Student Data Protection Act (SDPA), U.C.A §53E-3-401 requires that Ogden School District adopt a Data Governance Plan. Data governance is an organizational approach to data and information management that is formalized as a set of policies and procedures that encompass the full life cycle of data; from acquisition, to use, to disposal.

 

The OSD Data Governance Plan is applicable to all employees, temporary employees, contractors, and volunteers of the Ogden School District. The policy must be used to assess agreements made to disclose data to third-parties. This policy must also be used to assess the risk of conducting business. In accordance with Ogden School District policy and procedures, this policy will be reviewed and adjusted on an annual basis or more frequently, as needed. This policy is designed to ensure only authorized disclosure of confidential information.

Want to know what data the Ogden School District uses to provide educational opportunities to its students? The Utah State Board of Education maintains a record of the systems and services with which we share data. Click the link here to view this Metadata Dictionary or down below under Resources.

 

 

Resources

Policies

Click the links below to view the Ogden School District policy manual and scroll down.

Training Levels

  • Level 1 Security and Privacy Training
    • This training is an overview of data governance and security (e.g., best practices, guidelines, policy review, etc.).
    • Required of all employees (including board members, contract, temporary, and volunteer).
  • Level 2 Security and Privacy Training
    • This training includes a fundamental understanding of data governance and security specific to users who have school- or class-level access to student data.
    • Required if
      • Your position includes an educator license.
      • The employee has school- or class-level access to student data.
      • Requested by the Student Data Manager.
  • Level 3 Security and Privacy Training
    • This training includes an advanced understanding of data governance and security for users with district-level access to student data.
    • Required if
      • Your position requires an administrative license.
      • You have district-wide data access.
      • Requested by the Student Data Manager.

Meeting Minutes

Data Disclosure Request

To request Ogden School District data, please complete this form. A representative from the Ogden School District will get in touch with you with further details.

Parents, guardians, and eligible students may request access to their student’s education records through the last school the student attended. If the records are not at the last school attended, parents/guardians may call Student Records at (801) 737-8849.

Metadata Dictionary

The Utah Sate Board of Education houses a record of all student data shared by the Ogden School District in the USBE Metadata Dictionary. Click the link below to view the Metadata Dictionary.

Directory Information and Digital Imagery Opt-Out Form

To learn more about Directory Information, see the FAQ section to the right.

If a parent or guardian would like to opt out of the sharing of their child's Directory Information, you may mark this in the online registration process. They will also need to fill out the linked form and return it to their child's school. The form is also linked in the Resources section to the left or below.

FAQ

What is Personally Identifiable Information (PII)?

PII is Personally Identifiable Information. This includes any content that could be used to identify a student and could include the student's name, state or LEA ID number, email address, or other unique data.

What is Directory Information?

Ogden School District may disclose some PII, designated “Directory Information,” without special consent, unless the parent or guardian has opted out of that sharing. The primary purpose of directory information is to allow the Ogden School District to include information from a child’s education records in certain school publications or to accomplish essential tasks.

If a parent or guardian would like to opt out of the sharing of their child's Directory Information, you may mark this in the online registration process. They will also need to fill out the linked form and return it to their child's school. The form is also linked in the Resources section to the left or below.

How do I share PII with another OSD staff member?

As a general rule, always try to limit the PII you need to communicate. Use only enough to ensure that all parties are on the same page.

If your communication requires more extensive amounts of PII, best practice is to place the info in a Google Doc and only share it with the recipient. This will require them to be signed-in to their own Google account which ensures their identity. Also disable download, print, and copy capability and prevent editors from changing access. Learn more here.

You may also use Gmail's Confidential Mode to

  • Set an expiration date for sensitive emails
  • Require a passcode to view sensitive emails
  • Prevent forwarding, downloading, copying, and pasting of sensitive data with an email.

Learn more about sending emails & attachments confidentially.

How do I share student records with a school in another district?

Sharing outside of our district is more risky because they are outside of our non-disclosure agreement and acceptable use policy. If you must communicate PII like student records with another district, the best solution is to scan the document(s) to a PDF, require a password to open it, then email the PDF.

Is the phone a secure way to share PII?

Calling someone on the phone is one of the most secure ways we can communicate. There are however a few ideas to keep in mind:

  • Avoid leaving PII in a voicemail.
  • Don't send a text containing PII.
  • Ensure that your environment is secure before listening or talking out loud on the phone.

What data can be shared by text?

Texting is not secure so limit your communication to necessary Directory Information. If greater detail is needed, consider using a secure managed service like our Ogden School District email or Google Hangouts using your OSD account.

How do I share PII with USBE?

USBE uses a secure file transfer system called MOVEit. This is the most secure system for sharing PII back and forth with USBE. In most cases, a district administrator will facilitate this level of sharing via MOVEit.

Can I use a fax machine to send PII?

A fax machine is only secure if you know the recipient is there waiting to receive your communication. If you must use fax, ensure that the recipient is ready or that their fax machine is in a secure location. The best solution is to scan the document to a PDF, require a password to open it, then email the PDF.

Can I share PII with a parents or guardian via email?

If a parent or guardian reaches out to an OSD staff member, requesting their student's PII, you may share it directly with them, even via email. However, the OSD staff member should not initiate this sharing. If you need to share important information with a parent or guardian, it is always best to use a phone call or set up a face-to-face meeting.

Can I use an add-on or extension with my data or account?

If you use Google Add-ons or Google Extensions with your Google account, you should exercise caution when enabling them in documents containing PII. Unless we have a specific agreement with the company who created the add-on or extension, we shouldn't enable it in a document containing PII.

What data does the Ogden School District share?

All data shared outside the Ogden School District is recorded in the Metadata Dictionary. This list includes entities who are committed to protecting your child's data as they provide educational services.