Digital Resource Acquisition Procedure

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
2 hours 19 minutes
Difficulty
Beginner
CEU/CPE
3
Video Transcription
00:00
welcome back to student data privacy fundamentals. This lesson is digital resource acquisition procedure.
00:08
In this video, you will learn suggestions for requesting new software for your organization. How to maintain a current list of approved or denied software requests
00:19
and tips for using digital resource is in compliance with their licensing requirements.
00:24
The purpose of the digital resource acquisition and use process is to ensure proper management legality and security of information systems,
00:33
increased data integration capability and efficiency, and minimize malicious code that could be inadvertently downloaded.
00:43
Staff are required to complete steps outlined within the digital resource is flow chart for both instructor and student Resource is
00:52
Here's an example of a school district digital resource acquisition flow chart.
00:57
Pause the video and read through the flow chart.
01:06
All staff must adhere to the following guidelines regarding digital resource acquisition
01:11
contracts for any systems that create, collects or uses personally identifiable information. PII II, student records or confidential data must be reviewed by the ice. Oh, prior to initiation.
01:23
It is the responsibility of staff to ensure that all electronic resource is our age appropriate ferpa compliant,
01:30
compliant with local, state and federal laws entering compliance with software agreements before requesting use.
01:41
It is the responsibility of staff requesting digital content to properly vet the resource is to ensure that it meets district business objectives. Is in line with curriculum or behavioral standards. Is instructional lee sound and is appropriate for the intended use?
01:57
Digital resource is that a company adopted instructional materials will be vetted by the appropriate party prior to purchase.
02:06
This could be an assistant superintendent, director of curriculum, director of technology or educational technology manager.
02:14
One example of this is the purchase of a on online curriculum and within that curriculum there are certain APS that are used and one of the apse our district found to be not intended for students under 13.
02:31
So we had to go back to the company and ask for
02:35
alternate APS to use instead of that one that's written into their curriculum because that specific app did not meet the requirements that we have.
02:46
All new resource is shall be properly evaluated against the following criteria when applicability
02:53
impact on technology environment, including storage and bandwidth hardware requirements, including any additional hardware that might be needed like headphones, a mouse, etcetera,
03:06
license requirements and licensing structure. number of licences needed and renewal cost
03:12
maintenance agreements, including cost
03:15
resource update and maintenance schedule
03:17
and funding for the initial purchase, and also continued licenses and maintenance of that purchase.
03:25
Evaluate the terms of service, privacy policy and contract that meet the following criteria.
03:31
Student and or staff data will not be shared, sold or mind with or by 1/3 party
03:38
students and or staff data will not be stored on servers outside of the United States.
03:44
The provider will comply with district guidelines for data transfer or destruction When the contractual agreement is terminated.
03:53
No, a P I or application programming interface will be implemented
03:58
without full consent of the district.
04:00
All data will be treated in accordance to federal, state and local regulations,
04:05
and the provider assumes liability and provides appropriate notification in the event of a data breach.
04:14
In order to ensure that all resource is used, made security guidelines and to prevent software containing malware, viruses or other security risks data digital re sources have been evaluated, are categorized as approved or denied
04:30
prior to approval or denial. Digital resource is shall be approved by the director of technology or designee.
04:39
A list of evaluate software will be maintained on the district technology site.
04:44
It is the responsibility of staff to submit requests for a resource review if a resource is not listed that they want to use.
04:53
Resource is that are labelled, denied or have not yet been reviewed. Will not be allowed on district own devices or uses part of district business or instructional practices.
05:05
All computer software developed by employees or contract personnel on behalf of the district licensed or purchased for district use is the property of the district and shall not be copied for use at home or any other location. Unless otherwise specified by the license agreement.
05:28
All staff must adhere to the following guidelines regarding digital resource is licensing and use
05:34
Onley approved district resource is are to be used.
05:38
They will be kept on file in the technology office and tracked by the Technology Department.
05:43
Accurate up to date and adequate
05:46
in compliance with all copyright laws and regulations.
05:49
In compliance with district, state and federal guidelines for data security.
05:56
Software installed on district systems and other electronic devices will have a current license on file or will be removed from the system or device
06:05
resource is with or without physical media. For example, those downloaded from the Internet applications are online
06:13
shall still be properly evaluated and licensed if necessary, and is applicability to this procedure?
06:18
Under no circumstance can staff act as a parental agent when creating student accounts for all nine. Resource is, resource is requiring this permission must be approved at the district level.
06:31
And this goes back to when we discussed Copa compliance. If you remember back to our first module and copal compliance
06:41
states that has a specific regulations for students under the age of 13. And there is that gray area that we talked about with Copa compliance, where
06:53
some terms of service state that,
06:56
um, staff a teacher, for example can act as a parent to give
07:03
permission for a student to use an application. And
07:08
this example is if your organization wants to not
07:14
go with that gray area. Um, and this is, for example, what my district has chosen to dio Ah, we have decided that we're not going to put a teacher in a position to act as a parent
07:28
in that situation, so we actually, if APS require parent permission, we
07:35
do not typically use those unless we approve them at the district level and then we have to go and actually retrieve and keep on file permission from the students. Parents.
07:49
Time for a quiz
07:50
Thinking about all of these tips and things that we've discussed here, what is one aspect of digital resource acquisition that your organization does run well right now.
08:09
All right, Hopefully you could think of at least one thing that your organization is doing well right now.
08:13
Another follow of quiz question. Think about two aspects that we talked about here, that your organization could do better.
08:30
All right, so if you thought of your to that, you could improve upon make sure toe job those down, go back and learn a little bit more about in the lesson here. And take those and put some special notes in your data governance policy that you're working on.
08:48
So in summary
08:50
in today's video, we discussed suggestions for requesting new software for your organization and a detailed flow chart for staff reference.
08:58
A checklist for maintaining a current list of approved or denied software requests
09:03
and best practices for using digital resource is in compliance with their licensing requirements.
09:09
In our next lesson, we will work on the data security checklist. See you soon
Up Next
Student Data Privacy Governance

This training course is an introduction to federal, state, and local laws and regulations safeguarding online data, including FERPA and other student data privacy programs. Students will learn how to create a data governance policy for their organization.

Instructed By