NAVIGATOR POINTE ACADEMY DATA GOVERNANCE PLAN
1. PURPOSE
Data governance is an organizational approach to data and information management that is formalized as a set of policies and procedures that encompass the full life cycle of data, from acquisition, to use, to disposal. NAVIGATOR POINTE ACADEMY takes seriously its moral and legal responsibility to protect student privacy and ensure data security. Utah’s Student Data Protection Act (SDPA), U.C.A §53A-1-1401, requires that NAVIGATOR POINTE ACADEMY adopt a Data Governance Plan.
2. SCOPE AND APPLICABILITY
The NAVIGATOR POINTE ACADEMY plan is applicable to employees, volunteers, and third-party contractors with access to student education records. NAVIGATOR POINTE ACADEMY will use this plan along with all its school policies and procedures concerning student data privacy and security to manage and address student data issues, assess agreements that permit disclosure of student data to third parties, and assess the risk of conducting business with such third parties. The plan is designed to ensure that Navigator Pointe Academy makes only authorized disclosure of confidential information.
This Plan also refers to and works in conjunction with the School’s Information Technology Security Policy and Plan, Student Data Privacy and Security Policy, Employee Security and Privacy Training Policy and Curriculum, Family Educational Rights and Privacy Policy and Administrative Procedures, and policies and procedures related to the following data and security areas:
1. Data Advisory Roles and Responsibilities;
2. Non-Disclosure Assurances for Employees;
3. Data Security and Privacy Training;
4. Data Disclosure;
5. Data Breach;
6. Record Retention and Expungement;
7. Data Quality; and
8. Transparency.
3. DATA ADVISORY ROLES AND RESPONSIBILITIES
3.1 STRUCTURE
Navigator Pointe Academy Governing Board authorizes the School Director to select School Data Stewards to work as the Information Technology Systems & Security Advisory Group (NPA IT Advisory Group) and to delegate responsibilities relative to this plan.
The Information Technology Systems Security Advisory Group (IT Advisory Group) shall include the School Director, Student Data Administrator, Data Administrative Assistant, Information Technology Systems & Security Administrator (IT Security Administrator), and a Navigator Pointe Academy teacher appointed by the School Director.
The IT Advisory Group may also consult with contracted entities. The IT Advisory Group will help the School implement and comply with this plan.
The School Director will oversee and ensure Navigator Pointe Academy’s Data Governance Policy and Plan implementation, which include the following:
1. Selecting IT Advisory Group members;
2. Delegating responsibilities to IT Advisory Group members;
3. Meeting as needed to review Data Governance matters;
4. Ensuring annual school-level training on data privacy and security to all employees and volunteers with access to student education records. Document all staff names, roles and training dates, times, locations, and agendas;
5. Reporting information or concerns periodically to the NAVIGATOR POINTE ACADEMY governing board.
The NPA Student Data Administrator will act as the primary local point of contact for the state student data officer and will work with the School Director and IT Advisory Group to fulfill the data privacy procedures and processes outlined in the School’s Data Governance Plan, which include the following:
1. Authorize and manage the sharing, outside of the education entity, of personally identifiable student data from a cumulative record for the education entity;
2. A student data administrator may share (PII) student data that are:
a. of a student with the student and the student’s parent
b. required by state or federal law
c. in an aggregate form with appropriate data redaction techniques applied
d. for a school official
e. for an authorized caseworker or other representative of the Department of Human Services or the Juvenile Court
f. in response to a subpoena issued by a court
g. directory information
h. submitted data requests from external researchers or evaluators
3. A student data manager may not share personally identifiable student data (PII) for the purpose of external research or evaluation
4. Create and maintain a list of all LEA employees that have access to personally identifiable student data
5. Assist with the annual school level training on data privacy to all staff members, including volunteers with access to Student Personally Identifiable Information (PII).
6. Report to the School Director on a weekly basis information and concerns
7. Serve as a liaison to Navigator Pointe Academy’s contracted Technology support entity
The data privacy and security responsibilities of the Student Data Administrative Assistant include the following:
1. Providing assistance to the School Director with student data management
2. Working with the Student Data Administrator to accomplish the goals and tasks of data privacy management
The primary security responsibilities will be directed by the IT Systems & Security Administrator. The security responsibilities set forth in this Plan supplement the responsibilities outlined in the School’s Data Governance Plan, which include the following:
1. Overseeing IT security at the School;
2. Helping the School to comply with IT security laws applicable to the School;
3. Providing training and support to School employees on IT security matters;
4. Investigating complaints of alleged violations of the School’s IT security policies, procedures, or plans;
5. Investigating alleged security breaches of the School’s IT systems;
6. Reporting the school systems security needs and concerns to the School Director monthly, or as needed; and
7. Serving as a liaison to Navigator Pointe Academy’s contracted Technology support entity.
The data privacy and security responsibilities of the Teacher assigned to the Advisory Group include:
1. Providing teacher and student “user” information to designated staff and students
2. Supporting the Student Data Administrator and IT Administrator in an advisory capacity
3.2.1 Employees and Volunteers with Access to Education Records
1. Participate in student data privacy training each year as required;
2. Sign a statement annually certifying completion of student data privacy training and understanding of student data privacy requirements as required;
3. NOT sharing personally identifiable student data outside of the school unless authorized to do so by law and the Student Data Administrator;
4. Using password-protected School-authorized computers when accessing the school’s data systems or viewing or downloading any student-level records;
5. NOT sharing or exchanging school-issued individual passwords for school-authorized computers with others;
6. Logging out of any School data system or portal and closing the browser after each use or extended absence;
7. Storing personally identifiable student data on appropriate, secured locations; personally owned computers or devices are not deemed appropriate for storage of personally identifiable student data unless authorized by the Student Data Manager;
8. Keeping printed documents with personally identifiable student data in a secured location and using School-approved document destruction methods when disposing of such records;
9. NOT sharing personally identifiable student data during public presentations;
10. Using secure methods when sharing or transmitting personally identifiable student data with authorized individuals. Secure electronic methods include, but are not limited to, telephone calls, own Cloud, MoveIt (when sending data to the State), and encrypted email. Also, sharing within secured server folders is appropriate for School internal file transfer;
11. Taking steps to avoid disclosure of personally identifiable student data in authorized reports or materials available to the public, such as aggregating, data suppression, rounding, blurring, etc.;
12. Only accessing and using student data as authorized by the School to fulfill job or volunteer duties, and not for any other purpose;
13. Immediately reporting to the Student Data Administrator any data breaches, suspected data breaches, or any other suspicious activity related to data access;
14. Consulting with the Student Data Administrator regarding any questions about personally identifiable student data and related privacy laws, requirements, or concerns; and
15. Abiding by the requirements, processes, and procedures of this Plan.
3.2.2 Educators
In addition to abiding by the employee responsibilities listed above, educators at the School are also responsible for the following:
1. NOT sharing personally identifiable student data through educational apps (or any other apps used for classroom instruction) unless and until the app has been approved as required by the Student Data Administrator; and
2. Completing the student data security and privacy training for educators developed by the State Superintendent when required for the educator’s re-licensure pursuant to R277-487-13.
3.2.3 Third-Party Contractors
Third-party contractors who have access to or receive personally identifiable student data pursuant to a contract with the School shall only use the data for the purpose of providing the contracted product or service within the negotiated contract terms. Each third-party contractor is responsible for complying with the contract and entering into and complying with the Data Confidentiality Addendum approved by Navigator Pointe Academy’s Governing Board.
4. EMPLOYEE NON-DISCLOSURE ASSURANCES
Employee non-disclosure assurances are intended to minimize the risk of human error and misuse of NAVIGATOR POINTE ACADEMY’s students’ personally identifiable student data.
4.1 SCOPE
All NAVIGATOR POINTE ACADEMY board members, employees, contractors and volunteers with access to education records must sign and obey the NAVIGATOR POINTE ACADEMY Non-Disclosure Agreement (See Appendix A), which describes the permissible uses of state technology and information.
4.2 Consequences for Non-Compliance
Non-compliance with the agreements shall result in consequences up to and including removal of access to NAVIGATOR POINTE ACADEMY’s network; if this access is required for employment, employees and contractors may be subject to dismissal.
4.3 Non-Disclosure Assurances
All student data utilized by NAVIGATOR POINTE ACADEMY is protected as defined by the Family Educational Rights and Privacy Act (FERPA) and Utah statute. This policy outlines the way NAVIGATOR POINTE ACADEMY staff is to utilize data and protect personally identifiable and confidential information. A signed agreement form is required from all NAVIGATOR POINTE ACADEMY staff to verify agreement to adhere to/abide by these practices and will be maintained in NAVIGATOR POINTE ACADEMY Human Resources. All NAVIGATOR POINTE ACADEMY employees (including contract or temporary) will:
- Complete a Security and Privacy Fundamentals Training.
- Complete a Security and Privacy Training for Researchers and Evaluators, if requested by the Student Data Administrator.
- Consult with NAVIGATOR POINTE ACADEMY’s internal data owners when creating or disseminating reports containing data.
- Use password-protected LEA-authorized computers when accessing any student-level or staff-level records.
- NOT share individual passwords for personal computers or data systems with anyone.
- Log out of any data system/portal and close the browser after each use.
- Store sensitive data in an appropriately secured location. Unsecured access and flash drives, DVD, CD-ROM or other removable media, or personally owned computers or devices are not deemed appropriate for storage of sensitive, confidential or student data.
- Keep printed reports with personally identifiable information in a secure location while unattended, and use the secure document destruction service provided at NAVIGATOR POINTE ACADEMY when disposing of such records.
- NOT share personally identifying data during public presentations, webinars, etc. If users need to demonstrate student/staff level data, demo records should be used for such presentations.
- Redact any personally identifiable information when sharing sample reports with general audiences, in accordance with guidance provided by the student data manager, found in Appendix B (Protecting PII in Public Reporting).
- Take steps to avoid disclosure of personally identifiable information in reports, such as aggregating, data suppression, rounding, recoding, blurring, perturbation, etc.
- Delete files containing sensitive data after using them on computers, or move them to secured servers or personal folders accessible only by authorized parties.
- NOT use email to send screenshots, text, or attachments that contain personally identifiable or other sensitive information. If there is any doubt about the sensitivity of the data, the Student Data Administrator should be consulted.
- Use secure methods when sharing or transmitting sensitive data. The approved method is the NAVIGATOR POINTE ACADEMY’s Secure File Transfer Protocol (SFTP) website. Also, sharing within secured server folders is appropriate for NAVIGATOR POINTE ACADEMY’s internal file transfer.
- NOT transmit student/staff-level data externally unless expressly authorized in writing by the data owner and then only transmit data via approved methods such as described in item ten.
- Limit use of individual data to the purposes which have been authorized within the scope of job responsibilities.
4.4 DATA SECURITY AND PRIVACY TRAINING
4.4.1 PURPOSE
NAVIGATOR POINTE ACADEMY will provide a range of training opportunities for all NAVIGATOR POINTE ACADEMY employees, including volunteers and contractors with access to student educational data or confidential educator records, in order to minimize the risk of human error and misuse of information, as outlined in the Navigator Pointe Academy NPA Employee Security and Privacy Training Policy.
4.4.2 COMPLIANCE
- NAVIGATOR POINTE ACADEMY requires a targeted Security and Privacy Training for Data Stewards and IT staff for other specific groups within the agency that collect, store, or disclose data. The Student Data Manager will identify these groups and will determine the annual training topics for these targeted groups based on NAVIGATOR POINTE ACADEMY training needs.
- New employees that do not comply may not be able to use NAVIGATOR POINTE ACADEMY networks or technology. Within the first week of employment, all NAVIGATOR POINTE ACADEMY board members, employees, and contracted partners also must sign and obey the NAVIGATOR POINTE ACADEMY Employee Non-Disclosure Agreement, which describes appropriate uses and the safeguarding of student and educator data.
- All current NAVIGATOR POINTE ACADEMY board members, employees, and contracted partners are required to participate in an annual Security and Privacy Fundamentals Training Curriculum within 60 days of the adoption of this rule.
- Participation in the training as well as a signed copy of the Employee Non-Disclosure Agreement will be monitored annually by administrators.
- Employees that do not comply may not be able to use NAVIGATOR POINTE ACADEMY networks or technology.
5. DATA DISCLOSURE
5.1 Purpose
Providing data to persons and entities outside of the NAVIGATOR POINTE ACADEMY increases transparency, promotes education in NAVIGATOR POINTE ACADEMY, and increases knowledge about Utah public education. This policy establishes the protocols and procedures for sharing data maintained by NAVIGATOR POINTE ACADEMY. It is intended to be consistent with the disclosure provisions of the federal Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. 1232g, 34 CFR Part 99 and Utah’s Student Data Protection Act (SDPA), U.C.A §53A-1-1401.
5.2 Policy for disclosure of Personally Identifiable Information (PII)
5.2.1 Student or Student’s Parent/Guardian Access
In accordance with FERPA regulations 20 U.S.C. § 1232g (a)(1) (A) (B) (C) and (D), NAVIGATOR POINTE ACADEMY will provide parents with access to their student’s education records, or an eligible student access to his or her own education records (excluding information on other students, the financial records of parents, and confidential letters of recommendation if the student has waived the right to access), within 45 days of receiving an official request. NAVIGATOR POINTE ACADEMY is not required to provide data that it does not maintain, nor is NAVIGATOR POINTE ACADEMY required to create education records in response to an eligible student's request.
5.2.2 Third Party Vendor
Third party vendors may have access to students’ personally identifiable information if the vendor is designated as a “school official” as defined in FERPA, 34 CFR §§ 99.31(a)(1) and 99.7(a)(3)(iii). A school official may include parties such as: professors, instructors, administrators, health staff, counselors, attorneys, clerical staff, trustees, members of committees and disciplinary boards, and a contractor, consultant, volunteer or other party to whom the school has outsourced institutional services or functions.
All third-party vendors contracting with NAVIGATOR POINTE ACADEMY must be compliant with Utah’s Student Data Protection Act (SDPA), U.C.A §53A-1-1401. Vendors determined not to be compliant may not be allowed to enter into future contracts with NAVIGATOR POINTE ACADEMY without third-party verification that they are compliant with federal and state law and board rule.
5.2.3 Internal Partner Requests
Internal partners include LEA and school officials that are determined to have a legitimate educational interest in the information. All requests shall be documented in NAVIGATOR POINTE ACADEMY’s Data Governance Plan Resource Binder, TAB #5.
5.2.4 Governmental Agency Requests
NAVIGATOR POINTE ACADEMY may not disclose personally identifiable information of students to external persons or organizations to conduct research or evaluation that is not directly related to a state or federal program reporting requirement, audit, or evaluation. The requesting governmental agency must provide evidence of the federal or state requirements to share data in order to satisfy FERPA disclosure exceptions to data without consent in the case of a federal or state:
- reporting requirement
- audit
- evaluation
The Student Data Manager will ensure that the proper data disclosure avoidance techniques are included if necessary. An Interagency Agreement must be reviewed by legal staff and must include “FERPA-Student Level Data Protection Standard Terms and Conditions or Required Attachment Language.”
5.3 Policy for External disclosure of Non-Personally Identifiable Information (PII)
5.3.1 Scope
This section applies to external data requests from individuals or organizations that do not intend to conduct external research and are not fulfilling a state or federal reporting requirement, audit, or evaluation.
5.3.2 Student Data Disclosure Risk Levels
NAVIGATOR POINTE ACADEMY has determined three levels of data requests with corresponding policies and procedures for appropriately protecting data based on risk: Low, Medium, and High. The Student Data Manager and School Director will make final determinations on classification of student data requests risk level.
5.3.2.1 Low-Risk Data Request Process
Definition: High-level aggregate data
Example:
- Graduation rate by year for the state
Process: Requester creates a ticket and the Data Request is forwarded to the appropriate Data Steward. Data Steward fulfills the request and saves the dataset in a secure folder managed by the Information Systems Officer. The Data Steward closes the ticket.
5.3.2.2 Medium-Risk Data Request Process
Definition: Aggregate data, but because of potentially low n-sizes, the data must have disclosure avoidance methods applied.
Examples:
- Graduation rate by year and LEA, Child Nutrition Program Free or Reduced Lunch percentages by school
Process: Requester creates a ticket, Data Request forwarded to appropriate Data Steward, Data Steward fulfills request, applies appropriate disclosure avoidance techniques, and sends to another Data Steward for Quality Assurance (ensuring student data protection). If it passes QA, data are sent to requester and the dataset is saved in a secure folder managed by the IT Systems and Security Administrator. Data Steward closes the ticket. If it does not pass QA, the data are sent back to the Data Steward for modification.
5.3.2.3 High-Risk Data Request Process
Definition: Student-level data that are de-identified.
Examples:
- De-identified student-level graduation data
Process: Requester creates a ticket, Data Request forwarded to appropriate Data Administrator, IT Systems and Security Administrator, and School Director for review. If the request is approved, it is fulfilled, an MOA is drafted and sent for a legal review, placed on the governing board calendar, and if it passes QA, data are sent to requester and the dataset is saved in a secure folder managed by the IT System Security Officer and the ticket is closed. If it does not pass QA, the data are sent back to the Data Steward for modification.
5.4 Data Disclosure to a Requesting External Researcher or Evaluator
Responsibility: The Student Data Manager will ensure the proper data are shared with external researchers or evaluators to comply with federal, state, and board rules.
NAVIGATOR POINTE ACADEMY may not disclose personally identifiable information of students to external persons or organizations to conduct research or evaluation that is not directly related to a state or federal program audit or evaluation. Data that do not disclose PII may be shared with external researchers or evaluators for projects unrelated to federal or state requirements if:
- A NAVIGATOR POINTE ACADEMY Director, or board member sponsors an external researcher or evaluator request.
- Student data are not PII and are de-identified through disclosure avoidance techniques and other pertinent techniques as determined by the Student Data Management.
- Researchers and evaluators supply the NAVIGATOR POINTE ACADEMY a copy of any publication or presentation that uses NAVIGATOR POINTE ACADEMY data 10 business days prior to any publication or presentation.
Process: A process needs to be developed for this request.
6. DATA BREACH
6.1 PURPOSE
Establishing a plan for responding to a data breach, complete with clearly defined roles and responsibilities, will promote better response coordination and help educational organizations shorten their incident response time. Prompt response is essential for minimizing the risk of any further data loss and, therefore, plays an important role in mitigating any negative consequences of the breach, including potential harm to affected individuals.
6.2 DEFINITION AND TYPE OF DATA BREACH
A data breach for purposes of this Plan is any instance in which there is an unauthorized release or access of personally identifiable student data. This definition applies regardless of whether the School stores and manages the data directly or through a third-party contractor.
Types of Data Breaches. Data breaches can take many forms, including:
1. Hackers gaining access to personally identifiable student data through a malicious attack (such as phishing, virus, bait and switch, keylogger, denial of service, etc.);
2. A School employee losing School equipment on which personally identifiable student data is stored (such as a laptop, thumb drive, cell phone, etc.) or having such equipment stolen;
3. An unauthorized third party retrieving personally identifiable student data from a School’s physical files;
4. A School employee accidentally emailing personally identifiable student data to an unauthorized third party; or
5. A School employee or third-party contractor saving files containing personally identifiable student data in a web folder that is publicly accessible online.
6.3 INDUSTRY BEST PRACTICES
The School takes a variety of measures to protect personally identifiable student data, including imposing disclosure prevention responsibilities on School employees, educators, volunteers, and third-party contractors. The School also follows industry best practices to maintain and protect personally identifiable student data and to prevent data breaches.
6.4 RESPONDING TO A DATA BREACH
6.4.1 REPORTING A DATA BREACH
School employees, volunteers and third-party contractors shall immediately report a data breach or a suspected data breach to the Student Data Administrator. Students and parents of students who become aware of a data breach or that suspect a data breach shall also immediately notify the Student Data Administrator.
6.4.2 DATA BREACH PROTOCOL
The Student Data Administrator shall collaborate with the IT Security Officer, School Director and others, as appropriate, to determine whether a data breach has occurred. If it is determined that a data breach has occurred, the School shall, under the direction of the Student Data Administrator, IT Security Officer and School Director, follow the protocol described below:
1. Lock down systems and data that have been breached or suspected to have been breached, including changing applicable passwords, encryption keys, locks, etc.;
2. Assemble a Data Breach Response Team, which should include the Student Data Administrator, IT Security Officer, School Director, School employees, Board members, members of the School’s IT provider, etc.;
3. Record as many details about the data breach as possible, including:
a. Date and time data breach was discovered;
b. Data elements involved (for example, students’ first and last name, SSIDs, DOBs, passwords, account information, employee social security numbers, etc.);
c. Data systems involved (for example, COMPASS, online registration system or other school data systems); and
d. Type of data breach (physical, such as stolen/lost paperwork or computer equipment; or electronic, such as hacking or unauthorized email transmission).
4. Assign an incident manager that has the appropriate qualifications and skills to be responsible for the investigation of the data breach;
a. Investigate scope of data breach to determine types of information compromised and number of affected individuals; and
b. Investigate the data breach in a way that will ensure that the investigative evidence is appropriately handled and preserved;
5. Attempt to retrieve lost, stolen, or otherwise compromised data;
6. Determine whether notification of affected individuals is appropriate and, if so, when and how to provide such notification; notification timeframes and requirements should be identified as soon as possible and notices developed and delivered to affected individuals and agencies in accordance with regulatory mandates and timeframes;
7. If the data breach involved the release of a student’s personally identifiable student data, notify the student (if the student is an adult student) or the student’s parent or legal guardian if the student is not an adult student in a manner reasonable under the circumstances;
8. If the data breach involved the release of a student’s personally identifiable student data by a third-party contractor of the School, notify the State Superintendent as required in R277-487-3;
9. Determine whether to notify the authorities/law enforcement (situation dependent); involve legal counsel to analyze legal obligations;
10. If the School has cyber liability and/or data breach insurance coverage, determine whether or not to notify the insurance provider and make a claim on such coverage; and
11. Consult with appropriate security professionals, as necessary, to identify the possible reason(s) for the data breach and how to prevent similar data breaches in the future.
Following the steps above and clearly defining the roles and responsibilities of all those involved in each step will promote better response coordination and help the School shorten its incident response time. Prompt response is essential for minimizing the risk of any future data loss and, therefore, plays an important role in mitigating any negative consequences of the breach, including potential harm to affected individuals. All work and activities performed under each of the steps above should be well documented and all documentation should be retained as required.
6.4.3 COORDINATION WITH LEGAL COUNSEL
NAVIGATOR POINTE ACADEMY may coordinate with legal counsel on the preparation and method of delivery of written materials, including notifications, related to a data breach.
6.4.4 COOPERATION WITH REGULATORY AND GOVERNMENTAL AGENCIES
NAVIGATOR POINTE ACADEMY shall cooperate with regulatory and governmental agencies that make inquiries regarding a data breach.
7. RECORD RETENTION AND EXPUNGEMENT
7.1 PURPOSE
Records retention and expungement policies promote efficient management of records, preservation of records of enduring value, quality access to public information, and data privacy.
7.2 PROCEDURES & PROCESSES
The following records may not be expunged: grades, transcripts, a record of the student’s enrollment, assessment information.
The procedure for expungement shall match the record amendment procedure found in 34 CFR 99, Subpart C of FERPA.
- If a parent believes that a record is misleading, inaccurate, or in violation of the student’s privacy, they may request that the record be expunged.
- The LEA shall decide whether to expunge the data within a reasonable time after the request.
- If the LEA decides not to expunge the record, they will inform the parent of their decision as well as the right to an appeal hearing.
- The LEA shall hold the hearing within a reasonable time after receiving the request for a hearing.
- The LEA shall provide the parent notice of the date, time, and place in advance of the hearing.
- The hearing shall be conducted by any individual that does not have a direct interest in the outcome of the hearing.
- The LEA shall give the parent a full and fair opportunity to present relevant evidence. At the parents’ expense and choice, they may be represented by an individual of their choice, including an attorney.
- The LEA shall make its decision in writing within a reasonable time following the hearing.
- The decision must be based exclusively on evidence presented at the hearing and include a summary of the evidence and reasons for the decision.
- If the decision is to expunge the record, the LEA will seal it or make it otherwise unavailable to other staff and educators.
8. QUALITY ASSURANCES AND TRANSPARENCY
8.1 PURPOSE
Data quality is achieved when information is valid for the use to which it is applied, is consistent with other reported data and users of the data have confidence in and rely upon it. Good data quality does not solely exist with the data itself, but is also a function of appropriate data interpretation and use and the perceived quality of the data. Thus, true data quality involves not just those auditing, cleaning and reporting the data, but also data consumers. Data quality is addressed in five areas:
8.1.1 DATA GOVERNANCE STRUCTURE
NAVIGATOR POINTE ACADEMY’s data governance policy is structured to encourage the effective and appropriate use of educational data. NAVIGATOR POINTE ACADEMY’s data governance structure centers on the idea that data is the responsibility of all and that data driven decision-making is the goal of all data collection, storage, reporting and analysis. Data driven decision making guides what data is collected, reported, and analyzed.
8.1.2 DATA REQUIREMENTS AND DEFINITIONS
Clear and consistent data requirements and definitions are necessary for good data quality. On the data reporting side, the production and presentation layers provide standard data definitions and business rules.
8.1.3 DATA COLLECTION
Data elements should be collected only once. Where possible, data is collected at the lowest level available (i.e. at the student/teacher level).
For all new data collections, NAVIGATOR POINTE ACADEMY provides clear guidelines for data collection and the purpose of the data request. NAVIGATOR POINTE ACADEMY also notifies stakeholders as soon as possible about future data collections.
8.1.4 DATA AUDITING
NAVIGATOR POINTE ACADEMY shall periodically conduct audits to determine compliance with this Plan and to assess the quality and effectiveness of the data privacy and security processes and procedures set forth in this Plan. The School shall use the results of such audits to determine ways in which this Plan and the School’s student data governance and management can be improved. The School may use third-party experts to assist with and/or conduct such audits.
8.1.5 QUALITY CONTROL CHECKLIST
Checklists have been proven to increase quality (See Appendix C). Therefore, before releasing high-risk data, NAVIGATOR POINTE Data Stewards will complete the data release checklist for reliability, validity and presentation.
8.1.6 Annually, NAVIGATOR POINTE ACADEMY will publicly post its:
1. Metadata Dictionary, as described in Utah’s Student Data Protection Act (SDPA), U.C.A §53A-1-1401
2. Student Data Disclosure Statement
3. Information Technology Systems Security Plan; and
4. Data Governance Plan
9 DATA PRIVACY AND SECURITY TRAINING
Annually NAVIGATOR POINTE ACADEMY shall provide appropriate student data privacy training to its employees and volunteers who are authorized by the School to have access to education records as defined in FERPA.
The School shall also provide its employees with appropriate training on IT security matters.
Where required by R277-487-13, educators at the School shall complete the student data security and privacy training for educators developed by the State Superintendent as a condition of re-licensure.
10 APPENDIX
Appendix A. NAVIGATOR POINTE ACADEMY Employee Non-Disclosure Agreement
As an employee of NAVIGATOR POINTE ACADEMY, I hereby affirm that: (Initial)
______ I have read the Employee Non-Disclosure Assurances attached to this agreement form and read and reviewed the Student Data Privacy and Security Plan and NAVIGATOR POINTE ACADEMY policies. These assurances address general procedures, data use/sharing, and data security.
______ I will abide by the terms of the NAVIGATOR POINTE ACADEMY’s policies and its subordinate process and procedures;
______ I grant permission for the manual and electronic collection and retention of security related information, including but not limited to photographic or videotape images, of my attempts to access the facility and/or workstations.
Trainings
______ I have completed NAVIGATOR POINTE ACADEMY’s Data Security and Privacy Fundamentals Training. OR
______ I will complete NAVIGATOR POINTE ACADEMY’s Data Security and Privacy Fundamentals Training within 30 days of hire.
Using NAVIGATOR POINTE ACADEMY Data and Reporting Systems
______ I will use a password-protected computer when accessing data and reporting systems, viewing student/staff records, and downloading reports.
______ I will not share or exchange individual passwords, for either personal computer(s) or NAVIGATOR POINTE ACADEMY system user accounts, with NAVIGATOR POINTE ACADEMY staff or participating program staff without prior written consent as authorized by Student Data Administrator, to fulfill job responsibilities.
______ I will lock or close my computer whenever I leave my computer unattended.
______ I will only access data that I have received permission to use in order to fulfill job duties.
______ I will not attempt to identify individuals with the data, except as is required to fulfill job or volunteer duties.
Handling Sensitive Data
______ I will keep sensitive data on password-protected LEA-authorized computers.
______ I will keep any printed files containing personally identifiable information in a locked location while unattended.
______ I will not share student/staff-identifying data during public presentations, webinars, etc. I understand that dummy records should be used for such presentations.
______ I will delete files containing sensitive data after working with them from my desktop or local computer drives.
Reporting & Data Sharing
______ I will not disclose, share, or publish any confidential data analysis without the approval of my supervisor.
______ I will take steps to avoid disclosure of personally identifiable information in LEA- or school-level reports, such as aggregating, data suppression, rounding, recoding, blurring, perturbation, etc.
______ I will not use email to send screenshots, text, or attachments that contain personally identifiable or other sensitive information. If I receive an email containing such information, I will delete the screenshots/text when forwarding or replying to these messages.
______ I will not transmit student/staff-level data externally unless explicitly authorized in writing.
______ I understand that when sharing student/staff-identifying data with authorized individuals, the only approved methods are phone calls or NAVIGATOR POINTE ACADEMY’s Secure File Transfer Protocol (SFTP). Also, sharing within secured server folders is appropriate for NAVIGATOR POINTE ACADEMY internal file transfers.
______ I will immediately report any data breaches, suspected data breaches, or any other suspicious activity related to data access to my supervisor and the NAVIGATOR POINTE ACADEMY Information Technology Security Administrator. Moreover, I acknowledge my role as a public servant and steward of student/staff information, and affirm that I will handle personal information with care to prevent disclosure.
Consequences for Non-Compliance
______ I understand that access to the NAVIGATOR POINTE ACADEMY network and systems can be suspended based on any violation of this contract or risk of unauthorized disclosure of confidential information;
______ I understand that failure to report violation of confidentiality by others is just as serious as my own violation and may subject me to personnel action, including termination.
Termination of Employment
______ I agree that upon the cessation of my employment from NAVIGATOR POINTE ACADEMY, I will not disclose or otherwise disseminate any confidential or personally identifiable information to anyone outside of NAVIGATOR POINTE ACADEMY without the prior written permission of the NAVIGATOR POINTE ACADEMY Director.
Print Name: ___________________________________
Signed: _______________________________________
Date: __________________
Appendix B. NAVIGATOR POINTE ACADEMY
Protecting Personally Identifiable Information (PII) in Public Reporting
Public education reports offer the challenge of meeting transparency requirements while also meeting legal requirements to protect each student’s personally identifiable information (PII). Recognizing this, the reporting requirements state that subgroup disaggregation of the data may not be published if the results would yield personally identifiable information about an individual student. While the data used by NAVIGATOR POINTE ACADEMY is comprehensive, the data made available to the public is masked to avoid unintended disclosure of personally identifiable information in summary school- or LEA-level reports.
This is done by applying the following statistical method for protecting PII.
- Underlying counts for group or subgroup totals are not reported.
- If a reporting group has 1 or more subgroup(s) with 10 or fewer students:
  - The results of the subgroup(s) with 10 or fewer students are recoded as “N<10”
  - For remaining subgroups within the reporting group:
    - For subgroups with 300 or more students, apply the following suppression rules.
      - Values of 99% to 100% are recoded to ≥99%
      - Values of 0% to 1% are recoded to ≤1%
    - For subgroups with 100 or more but less than 300 students, apply the following suppression rules.
      - Values of 98% to 100% are recoded to ≥98%
      - Values of 0% to 2% are recoded to ≤2%
    - For subgroups with 40 or more but less than 100 students, apply the following suppression rules.
      - Values of 95% to 100% are recoded to ≥95%
      - Values of 0% to 5% are recoded to ≤5%
    - For subgroups with 20 or more but less than 40 students, apply the following suppression rules.
      - Values of 90% to 100% are recoded to ≥90%
      - Values of 0% to 10% are recoded to ≤10%
      - Recode the percentage in all remaining categories in all groups into intervals as follows (11-19,20-29,…,80-89)
    - For subgroups with 10 or more but less than 20 students, apply the following suppression rules.
      - Values of 80% to 100% are recoded to ≥80%
      - Values of 0% to 20% are recoded to ≤20%
      - Recode the percentage in all remaining categories in all groups into intervals as follows (20-29,30-39,…,70-79)
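The recoding rules above can be expressed as a small masking routine. This is an added example, not part of the School's plan or tooling; the function names, the input layout and the sample data are hypothetical. It assumes the size bands are applied to every subgroup in a reporting group, and that a subgroup of exactly 10 students falls under the "N<10" rule.

```python
# Added example of the Appendix B recoding rules; all names here are hypothetical.

# (min_n, low_cut, high_cut, first_interval): size bands, largest first.
BANDS = [
    (300, 1, 99, None),
    (100, 2, 98, None),
    (40, 5, 95, None),
    (20, 10, 90, 11),  # middle values recoded to 11-19, 20-29, ..., 80-89
    (10, 20, 80, 20),  # middle values recoded to 20-29, 30-39, ..., 70-79
]


def mask_value(n, pct):
    """Return the public string for a subgroup of n students with result pct (0-100)."""
    # Appendix B names 10 students in both "10 or fewer" and "10 or more but
    # less than 20"; this example assumes the stricter N<10 rule applies.
    if n <= 10:
        return "N<10"
    for min_n, low, high, first in BANDS:
        if n >= min_n:
            break
    if pct <= low:
        return f"≤{low}%"
    if pct >= high:
        return f"≥{high}%"
    if first is None:
        return f"{pct:g}%"  # bands of 40 or more report the middle values as-is
    lo = max(first, int(pct) // 10 * 10)
    return f"{lo}-{lo // 10 * 10 + 9}"


def mask_report(group):
    """Mask {subgroup: (n, pct)}; the underlying counts are never emitted."""
    return {name: mask_value(n, pct) for name, (n, pct) in group.items()}


# Constructed sample reporting group: subgroup -> (student count, percent proficient).
SAMPLE = {
    "All students": (350, 99.4),
    "Subgroup A": (150, 47.0),
    "Subgroup B": (25, 15.0),
    "Subgroup C": (15, 85.0),
    "Subgroup D": (8, 62.5),
}

if __name__ == "__main__":
    for name, shown in mask_report(SAMPLE).items():
        print(f"{name}: {shown}")
```
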
Appendix C. Example Quality Control Checklist
Reliability (results are consistent)
- Same definitions were used for same or similar data previously reported, or it is made very clear in answering the request how and why different definitions were used
- Results are consistent with other reported results, or conflicting results are identified and an explanation is provided in the request as to why they differ
- All data used to answer this particular request was consistently defined (i.e. if teacher data and student data are reported together, they are from the same year/time period)
- Another NAVIGATOR POINTE ACADEMY data steward could reproduce the results using the information provided in the metadata
Validity (results measure what they are supposed to measure, data addresses the request)
- Request was clarified
- Identified and included all data owners that would have a stake in the data used
- Data owners approve of data definitions and business rules used in the request
- All pertinent business rules were applied
- Data answers the intent of the request (intent ascertained from clarifying request)
- Data answers the purpose of the request (audience, use, etc.)
- Limits of the data are clearly stated
- Definitions of terms and business rules are outlined so that a typical person can understand what the data represents
Presentation
- Is date-stamped
- Small n-sizes and other privacy issues are appropriately handled
- Wording, spelling, and grammar are correct
- Data presentation is well organized and meets the needs of the requester
- Data is provided in a format appropriate to the request
- A typical person could not easily misinterpret the presentation of the data
10.03.19