- Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
- We will collect and use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
- We will only retain personal information as long as necessary for the fulfillment of those purposes.
- We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
- Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
- We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
- We will make readily available to customers information about our policies and practices relating to the management of personal information.
- We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.
The Board of Education of Ogden School District recognizes its moral and legal responsibility to protect student privacy and ensure data security (student and staff data). Utah’s Student Data Protection Act (SDPA), U.C.A §53E-3-401 requires that Ogden School District adopt a Data Governance Plan. Data governance is an organizational approach to data and information management that is formalized as a set of policies and procedures that encompass the full life cycle of data; from acquisition, to use, to disposal.
Utah Code Ann. §53E-9-305 The Ogden School District (the District) is committed to ensuring the privacy, security, and confidentiality of student data while enabling the information to be used to improve student outcomes. Under Utah state law, an education entity that collects and maintains student data is required to inform parents and students about the student data the District collects and how that information will be used, shared, and protected.
STUDENT DATA THE DISTRICT COLLECTS: Necessary student data includes: name; date of birth; sex; parent contact information; custodial parent information; contact information; a student identification number; local, state, and national assessment results or an exception from taking a local state, or national assessment; courses taken and completed, credit earned, and other transcript information; course grades and grade point average; grade level and expected graduation date or graduation cohort; degree, diploma credential attainment, and other school exit information; attendance and mobility; drop-out date; immunization record or an exception from an immunization record; race; ethnicity; tribal affiliation; remediation efforts; an exception from a vision screening or information collected from a vision screening; information related to the Utah Registry of Autism and Developmental Disabilities; student injury information; a cumulative disciplinary record. Optional student data includes: information that is related to an Individual Education Plan or needed to provide special needs services; and information that is required for a student to participate in a federal or other education related program. The District shall obtain written consent from a parent prior to collecting such information. Student data the District does not collect: a student’s social security number, biometric records, or criminal records except as required in Utah Code § 78A-6-112.
USE OF STUDENT DATA: The District uses student data that it collects to inform educational decisions about the student to improve student outcomes. The District has established a metadata dictionary that shows clear ownership and stewardship of each data element being collected and how we use it. Refer to Policy Manual Sections 11.101 through 11.107
SHARING OF STUDENT DATA: The District may not share a student’s personally identifiable student data if the personally identifiable student data is not shared in accordance with the Family Educational Rights and Privacy Act and the Utah Student Data Protection Act. De-identified data, aggregate data, or anonymized data that could not be used to identify a particular student is not considered personally identifiable and may be released without consent or authorization. Refer to Policy Manual Section 11.100 and 11.105 for additional information.
PROTECTING STUDENT DATA: The District maintains an Information Technology security program that is updated at least annually. The program consists of annual security training, third-party risk assessments, security testing, and audits. District systems are updated regularly to prevent unauthorized access to our systems. The District maintains a variety of agency policies that address data and information privacy which are intended to secure all media containing sensitive or confidential data. To ensure maximum student data privacy, the District shall, in accordance with Utah Board of Education rule, expunge a student’s data that is stored by the District. If there is a release of a student's personally identifiable student data due to a significant security breach, the District shall notify the student, if the student is an adult student, or the student's parent or legal guardian, if the student is not an adult student. The collection, use, and sharing of student data has both benefits and risks. Parents and students should learn about these benefits and risks and make choices regarding student data accordingly. Refer to Policy Manual Section 11.108 for additional information and updates.
Additional Information can be found in Section 11 of Ogden School District Policy Manual
Updated January 2019