PALO ALTO UNIFIED SCHOOL DISTRICT
TECHNOLOGY USER HANDBOOK
A Guide to the Internet
and
District Electronic Information Systems
Acceptable Use Agreement
MARCH 2008
TABLE OF CONTENTS
I.
PAGE
Introduction....................................................................................................................................................... 1
II.
PAUSD Network/Resources ............................................................................................................................ 1
III.
Bob –– your web cat! ....................................................................................................................................... 2
IV.
PAUSD and the Internet .................................................................................................................................. 2
V.
User Guidelines and Standards of Conduct
A. Ethical Conduct for Electronic Users.............................................................................................. 3
B. Educational Use .............................................................................................................................. 3
C. Respect for Others .......................................................................................................................... 3
D. Respect for Security........................................................................................................................ 3
E. Respect for Property ....................................................................................................................... 4
F. Mail Usage....................................................................................................................................... 4
G. Internet/ Web Responsibilities ........................................................................................................ 4
VI.
Guidelines for Developing Web Pages ........................................................................................................... 6
VII.
Copyright in Web Development....................................................................................................................... 6
VIII. Policies, Guidelines, and Forms
A. Information Technology Background.............................................................................................. 7
B. Technology Use Policy.................................................................................................................... 9
C. Information Technology – Data and Services/Security, Usage, and Recovery Policy............... 10
D. Student Records/Access to and Release of Information............................................................. 14
E. Guidelines for Network Usage...................................................................................................... 19
F. Guidelines for Issuing Employee Accounts and Services ........................................................... 21
• E-Mail ...................................................................................... 21
• Passwords............................................................................... 21
• Calendar.................................................................................. 22
• Distribution Lists...................................................................... 22
• Antivirus Scanner.................................................................... 22
• Junk Mail (SPAM) ................................................................... 22
• Filters....................................................................................... 23
• Student Administrative Student Information (SASIxp) ......... 23
• Fuji........................................................................................... 23
• Professional Development ..................................................... 23
H. E-Mail Welcome Letter.................................................................................................................. 24
IX.
Terms and Conditions and Acceptable Use Agreement
A. Terms and Conditions ................................................................................................................... 25
B. Acceptable Use Agreement .......................................................................................................... 26
-i-
TECHNOLOGY USER HANDBOOK
A Guide to the Internet and District Electronic Information Systems
I.
INTRODUCTION
All Palo Alto Unified School District (PAUSD) schools are linked electronically through a data network (Local Area
Network (LAN) and Wide Area Network) that allows students and staff to communicate with each other and the PAUSD
greater community. The PAUSD data network also provides access to outside resources, including the Internet.
Through the Internet, PAUSD users can access local, national, and international electronic resources, including
universities, libraries, schools, businesses, and individuals, and find information not previously or easily available.
PAUSD users and schools can also access, create, and maintain Web pages on the Web (WWW).
Together, PAUSD’s computer equipment, the PAUSD network resources, e-mail services, and access to outside
resources including Web pages and the Internet make up PAUSD’s electronic information systems. This handbook
provides information, guidelines, rules, and Terms and Conditions for PAUSD’s electronic information systems users.
Use of PAUSD’s electronic information systems is a privilege that the District extends to users in order to support their
work and communication. This Handbook contains an Acceptable Use Agreement that new employees must sign and
return to the District before the user may use the District electronic resources. The District will keep this Agreement on
file as assurance that each new staff user has read and agreed to abide by the PAUSD rules and guidelines for
network use. Users who do not return a signed Acceptable Use Agreement may not use the District electronic
resources.
PAUSD will train each user who returns a signed Acceptable Use Agreement on appropriate use.
DEFINITION OF TERMS
The terms “Computer systems” and “electronic information systems” include, but are not limited to: hardware,
software, communication lines and devices, graphing calculators, terminals, printers, CD-ROM devices, tape drives,
scanners, and micro-, mini-, and mainframe computers.
The term “users” refers to all individuals authorized to access the computer system.
The term “Internet access” includes all methodologies used to connect to individual computer networks around the
world.
The term “World Wide Web” (WWW) is an Internet service that organizes information using graphics and point-andclick technology. It lets the user read and navigate to text and visual information in a nonlinear way that is based on
what the user wants to read next. Each document can contain embedded references to images, audio, or other
documents. Users can browse for information by following references.
The term “Website” is a collection of documents written in hypertext markup language (HTML). The Web browser
accesses the Website using the hypertext transfer protocol (HTTP).
The term “Web page” refers to a document written in hypertext markup language (HTML). The page can contain a
mixture of graphics and text and can include embedded references to other such pages.
II.
PAUSD NETWORK/RESOURCES
The PAUSD network/resources connects PAUSD schools and offices. Users can send and receive e-mail messages
within the PAUSD community, and access other District information.
The PAUSD network/resources serves two main functions: instruction and school-related business. Both of these
functions support PAUSD’s goal of achieving educational excellence for all students. The PAUSD network/resources
belongs to PAUSD. Staff should never consider any information—including e-mail messages, which they send,
receive, or view on the network––as “private” or “personal.” Users utilizing PAUSD’s network/resources should keep in
mind that PAUSD reserves the right to access, inspect, and observe communications and activities on the PAUSD
network.
-1-
III.
BOB –YOUR WEB CAT!
Meet Bob
Bob is the name of PAUSD’s new Staff Intranet site. Bob is an internal site that
houses a wealth of information for staff.
Bob is available from any computer on the District network by clicking on the Staff
Login directly from the PAUSD Internet Web site. You can directly access Bob at
http://bob.pausd.org. You will see a “Bob Sign In” page. Login to Bob with your
username (your e-mail name without the pausd.org) and your e-mail password.
A few of the topics you can access are:
• Districtwide calendar
• Human Resources forms
• Staff e-mail addresses
• Staff development workshops
• District news/newsletters
• Contract settlements
• IMC catalog and online ordering
• TOSA Math site for math curriculum guides, resources, standards, etc.,
• Science Resource Center information for ordering kits online, equipment and life
science materials
…and much more
Bob is a work in progress––new topics and features will be added throughout the
school year and information is continually being updated
IV. PAUSD AND THE INTERNET
Palo Alto Unified School District intends that staff use Internet connections for purposes consistent with PAUSD
curriculum, in much the same way that students use library materials. The Internet is a global network made up of
smaller contributing networks supporting the open exchange of information among many different kinds of institutions
and millions of individuals worldwide. It provides immediate access to a wide variety of national and international
electronic resources.
The Internet is not like a school library where the collection is organized and designed to support a specific curriculum.
The Internet is an unregulated collection of resources that includes materials that may be inaccurate, illegal,
defamatory, potentially offensive or objectionable, and not age-appropriate. The Internet is not organized, and materials
available through it have not been screened or censored. The Internet provides access to material that is inappropriate
for staff use in an educational setting, including material that is threatening, pornographic, sexually explicit, or that
advocates violence. It is important that parents and guardians recognize that unregulated access to Internet resources
may not be appropriate or safe for their child. Nevertheless, PAUSD believes that the benefits to users from Internet
access—including information resources, technological skill development, and international communication and
collaboration opportunities—far exceed the disadvantages.
The Internet is also a public place, and anyone using it shares that space with other users. There is no privacy on the
Internet, and users must realize that they should have no expectation that any communication or materials they send,
receive, or view will be private. Other users can track any Internet site a user visits, and other users can monitor any
information a user sends or receives over the Internet. PAUSD retains the right to access, inspect and observe user
Internet use in the same way it monitors PAUSD intranet use: in order to minimize user contact with harmful matter and
to prevent misuse.
PAUSD makes no warranties of any kind, either expressed or implied, for the electronic information services it provides
or the information users may access using those systems. PAUSD is not responsible for any damages users suffer
while using PAUSD electronic information systems, including damages resulting from loss of data as a result of delays,
non-deliveries, misdeliveries, or service interruptions caused by the system, user errors or omissions, or by power
failures. Users utilize information obtained from PAUSD electronic information systems at their own risk. PAUSD
specifically denies any responsibility for the accuracy of information students may obtain from sources outside the
District.
-2-
V.
USER GUIDELINES AND STANDARDS OF CONDUCT
The information systems and Internet access available at PAUSD are intended for
educational purposes consistent with PAUSD curriculum. The use of the information systems
is a privilege, not a right.
Users operate these electronic information systems for the mutual benefit of all concerned, and all users are expected
to assist in the successful operation of the facilities. Users should not, or attempt to, do anything, that might disrupt the
operation of the network or equipment and/or interfere with learning. The following guidelines are intended to help users
understand appropriate use. The principal or program manager shall pre-approve all access to electronic information
systems. The school and District may restrict or terminate any user’s access, without prior notice, if such action is
deemed necessary to maintain computing availability and security for other users of the systems. Other disciplinary
action may also be imposed.
A. ETHICAL CONDUCT FOR ELECTRONIC USERS
It is the responsibility of all users of information resources and information technology
• to recognize and honor the intellectual property of others.
• to comply with legal restrictions regarding plagiarism and the use and citation of information resources.
• to restrict the use of the electronic information systems and resources to the mission or function of the
school system. The use of electronic information systems for private gain is prohibited.
• to help maintain the integrity of the electronic information system. Deliberate tampering or
experimentation is not allowed. It is a violation to modify system folders or control panel files without prior
approval of the system administrator.
B. EDUCATIONAL USE
The electronic information systems are intended for educational purposes. Users are responsible for the ethical
and educational use of their network accounts.
• School-related files are the only files to be saved on a user’s account. Storing commercial software and/or
games or hidden files to a user’s account is not permitted.
• Storing and/or playing commercial games is not permitted.
C. RESPECT FOR OTHERS
Users should respect the rights of others using the computers and/or network.
• Use assigned workstations.
• Be considerate when using scarce resources (scanners, printers, paper, and bandwidth).
• Always log off of a workstation.
• Avoid deliberately attempting to disrupt systems performance or interfering with the work of another user.
• Leave equipment and workspace in good condition for the next user.
D. RESPECT FOR SECURITY
Accounts on the systems of Palo Alto Unified School District are considered secure, although absolute security of
any data cannot be guaranteed. The system administrator or designee has access to files for system maintenance
and monitoring.
• Use only your account/password. It is a violation to give access to your password to any other user.
-3-
E. RESPECT FOR PROPERTY
Software may only be installed on the school information systems, including all individual workstations, with prior
approval from the Director of Technology.
1. Software Copyright
Software to be used on school electronic information systems (with the exception of user projects/products)
are those products for which the school owns a valid license or which the school may legally use.
•
Copyrighted software shall not be downloaded from the Internet or further transmitted in any form
without compliance with all terms of a preauthorized licensing agreement.
•
Infringement or violation of U.S. or international copyright laws or restrictions will not be tolerated.
•
Any attempt to circumvent the licensing control or copy software from the network is prohibited.
2. Hardware
• Report equipment problems immediately to technology staff or network administrator.
•
Leave workstations and peripherals in their designated places.
•
Keep work areas neat and clean and free from food and drink.
F. MAIL USAGE
The e-mail communication system on the Palo Alto Unified School District network is a public communication
system designed for instructional purposes, school district business and incidental personal use and may be
subject to review and monitoring. Users have the following responsibilities:
•
Electronic communication (e-mail) is to be restricted to appropriate communications.
•
Maintain the integrity of the private electronic mail system. The user has the responsibility to report all
violations of security.
•
Report to the principal or system administrator all e-mail received by him/her that contains pornographic
material, inappropriate information or text-encoded files that are potentially dangerous to the integrity of
the hardware on school premises.
•
Sending e-mail to general audiences is inappropriate, i.e. chain mail.
•
All mail communications must reflect the sender’s account I.D.
•
Real time messages and on-line chat rooms may only be used with
the permission of the principal or system administrator.
•
Users should not reveal personal information in correspondence with
unknown parties.
•
Users are responsible for all mail maintained and/or stored under their user accounts.
G. INTERNET/ WEB RESPONSIBILITIES
It's easy to create your own Web page with one of the many WYSIWYG (e.g., Dreamweaver and FrontPage)
programs that are now available. However, if you plan to develop resources that will be a respectable
representation of your work, your department, or your organization, and by reflection the District as a whole, you
need to consider the broader implications of Web development.
Before developing materials for the PAUSD Web, take time to familiarize yourself with the PAUSD site and the
Web in general. Use the PAUSD Google Search option to find other District pages related to your topic. You may
discover documents to link to your own, and you may find that you can refer to existing resources rather than
creating new ones.
-4-
You will need to invest some time in learning how to use software tools to create Web files. In addition, once Web
files are made public, they require maintenance. When you make files available on the Web, you are creating a
public access resource that Web users around the world will refer to as they add your URLs (Uniform Resource
Locators) to their bookmarks and create links to your files from their own Web files. The metaphor of the "Web" is
appropriate, in that World Wide Web files interconnect to form an extremely elaborate and sophisticated pattern of
cross-references and interrelations. If you move or remove your Web files after they have been made public, you
tear a hole in the Web, and anyone who has created links to your materials will find only “error” messages.
Furthermore, poorly maintained Web files reflect badly on the District as a whole, and out-of-date Web materials
are in some cases worse than not having the materials available at all. Therefore, persons responsible for
maintaining Web pages should be willing to make a commitment to provide a stable structure and long-term
maintenance for their files.
Individuals responsible for developing Web pages are responsible for following all applicable policies and laws that
pertain to Web publishing. At PAUSD, these include, but are not limited to, the Technology Use Policy, the
Developing Web Pages Guidelines, the Internet Development Principles, and the Responsibilities of Web
Development. You should also review the relevant information on Copyright in Web Development. Webmasters or
other individuals (i.e., Web editors, etc.) publishing Web page(s) must read and agree to abide by these policies
before making materials available on the Web. In addition, all members of the District community are bound by
federal and local laws relating to civil rights, harassment, copyright, security, and other statutes relating to
electronic media.
•
The user, exercising his/her privilege to use the Internet as an educational resource, shall also accept the
responsibility for all material created and/or sent under his/her account.
•
All users are prohibited from accessing portions of the Internet that do not promote the instructional
mission of Palo Alto Unified School District and which do not comply with Internet User Standards and
Guidelines.
•
All Web pages are subject to initial approval and ongoing review according to the Guidelines for
Developing World Wide Web Pages. All Web pages should reflect the mission and character of the
District and school.
-5-
VI. GUIDELINES FOR DEVELOPING WEB PAGES
All Web pages that PAUSD sponsors or permits to reside on its Web servers shall reflect the
character and mission of the District, school or school group creating or maintaining the Web page.
Web pages shall have a clear purpose and contain meaningful information. All Web pages that
become a part of the PAUSD network must be reflected in a responsible, ethical and legal manner
in accordance with the mission and policies of PAUSD and be in compliance with state and federal
laws.
All Web pages that become a part of the PAUSD Web site must be created in the context of a
course and under the supervision of an instructor.
Web authors are encouraged to include the Web author’s name and school e-mail address on
each page.
Students will always be asked first if it is permissible to display a particular piece of work on the
Internet. If the student agrees, and parents/guardians have signed the Acknowledgements and
Permissions form giving permission, then the teacher can display the student’s work on the
Internet.
Authors shall also:
• identify any elementary or secondary student work and images only by first name or initials
 No images or last names of elementary school students are allowed
 No images of secondary school students are allowed without parent permission
• solicit comments from Web page users through school channels only
• not establish links to Web pages that violate PAUSD rules
• not present copyrighted images, music or text on Web pages without specific written permission from the
copyright owner
• properly credit non-copyrighted images, music and text to the author and retain materials that establish
authorship and the lack of copyright
VII. COPYRIGHT IN WEB DEVELOPMENT
A creative work, be it an e-mail message or a School Accountability Report Card, is copyrighted from the moment it is fixed in
a tangible medium. No statement or registration is required. Nevertheless, in order to let others know a work is copyrighted
and to deter possible infringements, Palo Alto Unified School District recommends that the following general copyright
statement be applied to top level pages of the Palo Alto Unified School District Web structure:
© Copyright 2006, Palo Alto Unified School District
This statement covers the entire District Web structure, and therefore the statement does not need to be included on every
Web page. However, if an author of Web pages feels that his or her pages will be widely used by those outside the Palo Alto
Unified School District community, we recommend that this or a similar copyright statement be attached.
Web developers may also wish to make their copyright statements link to the Copyright Information Page, which provides
more detailed explanations of what may and may not be done with the Palo Alto Unified School District copyrighted materials.
Web pages may be copyrighted by the Palo Alto Unified School District, by a department or program within the District, or by
an individual, depending on who owns the rights to the materials included in the Web pages. If you have questions about
ownership or wish to make changes to the Copyright Information Page to suit particular circumstances regarding your Web
pages, contact Educational Technology.
As your Web pages change over time, you should extend the copyright date to cover all relevant years, i.e., © Copyright 20032006, the Palo Alto Unified School District.
All the Palo Alto Unified School District Web developers must respect the copyrights of others. See the Technology Use
Policy.
For more information about copyright in general, consult the following:
• The UT System Crash Course in Copyright
• U.S. Copyright Office
-6-
VIII. POLICIES, GUIDELINES AND FORMS
A.
INFORMATION TECHNOLOGY GUIDELINES
BACKGROUND
The Information Technology (IT) Department of the Palo Alto Unified School District (PAUSD) redesigned its Wide Area
Network in the fall of 2000. In tandem with this process, Guidelines were established to assist development, implementation
and ongoing evaluation. The following guidelines were developed:
GUIDING P RINCIPLES
A. The Palo Alto Unified School District IT Department is committed to the creation, operation and maintenance of a
networked computing environment that meets the needs of the PAUSD. The service goals are stability, security and
affordability.
B. It is not appropriate for the PAUSD to pioneer new models for IT service. The Department plans to follow industry best
practices in order to maximize stable service per dollar. This will do the best job of staying within the budget while meeting
the needs of the PAUSD community. Given the nature of that community, it should be noted that sometimes it is not
possible to meet both needs and expectations. The policy is to accommodate the user community as much as possible,
but not to stray from the ‘Best Practice’ models that are adopted as guidelines.
NEEDS AND EXPECTATIONS
There are several different conceptual models for Internet service. The ‘public access’ model exemplified by AOL and
Earthlink offers uniform access from everywhere, but does not address issues of security, privacy and authentication. For
example, AOL does not make the personnel records of its staff available online to AOL customers. These are available only to
authorized AOL employees and, in general, they can access such information only from inside AOL’s office buildings.
The ‘enterprise networking’ model is a private-sector model that is in wide use in Silicon Valley and around the world. It
recognizes that an enterprise, such as Hewlett-Packard, a city government, a public hospital, or a school district such as
PAUSD, has information to keep private and has an obligation to differentiate between people who have legitimate access to
information and people who do not.
Every classroom contains information that PAUSD is obligated not to make public. Visitors to every school site are required to
identify themselves at the office before conducting their business. Similarly, every computer in PAUSD, including those not
operated by PAUSD IT staff, can potentially contain information that PAUSD is obligated not to make public. It is not realistic
to require that individual computers be locked, protected or turned off. Inside school property, the purpose is education, not
security. Instead, a protective boundary must be formed around PAUSD so that everyone can safely operate within these
boundaries.
Once a boundary has been created, access to the inside from the outside, or to the outside from the inside, will necessarily be
different from ordinary unrestricted access. While endeavors will be made to ensure that all PAUSD staff are able to access
the computing environment from home or from school, the Department does not propose to make cross-boundary access be
transparent. There is a significant difference between access from home and access from school and no attempt will be made
to make them be the same.
GENERAL GUIDELINES
A. Equipment
The three most important properties of an overall network are stability, security and affordability. The PAUSD is
committed to maximize the stable service dollar and not buy less expensive equipment at the expense of labor cost of
operation. We will maximize the stable service per dollar.
B. Access
An ‘enterprise computing’ model will be used in which there is a formal boundary between the inside and the outside that
will require current best-practice authentication techniques for people wishing to access the network from the outside.
Similarly, it may be necessary to channel certain kinds of inside-to-outside access through formal access points, such as
web proxies, ftp proxies or mail gateways. At some point, there may be a need to block certain services, such as Napster,
from being used in certain schools.
-7-
C. Support and Reliability
There are many different computer services available on the Internet. Not all are critical to PAUSD, but many non-critical
services are valuable to individual staff. For example, foreign language teachers may find it very valuable to be able to
receive RealAudio transmissions from other countries, but RealAudio in general is not a critical service for the IT
Department to support. The policy is to support e-mail, web access, web service and File Transfer Protocol (FTP) access
so that these services can be used from school or home. Individual staff may find other services useful, but the
Department does not have the resources to support those other services if, for some reason, the services should stop
working.
D. IT Department’s Role in Meeting Client Needs
The PAUSD IT Department exists to serve the needs of the PAUSD and its staff. The long-term policy is to evolve the
organization and the services it provides as the nature of the online world changes. The intent is to carefully balance
between changing too slowly and changing too quickly. If the change is too slow, the Department by definition is not
responsive to the clients’ evolving needs. If the change is to quick, then the Department is probably not taking the time to
study the whole-system effect of that change on the rest of the client base and on the stability and cost of the network.
-8-
B.
TECHNOLOGY USE POLICY– EMPLOYEE
The Board of Education provides electronic information services to employees and students in order to promote educational
excellence, creativity, efficiency and effective workplace skills. Accesses to resources such as Intranet, Internet and e-mail
have significant implications for the instructional program, operational efficiency of the District and professional development
opportunities.
While access to local, national and international sources of information are vital to the work of students and staff, electronic
information resources carry with them the responsibility to respect and protect the rights of users and providers. Staff
members and students are expected to act in a responsible, ethical and legal manner in accordance with the mission and
policies of the PAUSD, and of state and federal laws.
Before using online services, users shall sign the District’s use agreement indicating that the user understands and agrees to
abide by specific user obligations and responsibilities.
The Superintendent shall establish administrative regulations governing the use of the District’s electronic information
systems. These regulations shall prohibit access to harmful matter on the Internet, which may be obscene or pornographic
and preclude other misuses of the system. Misuse of the systems may result in disciplinary action, revocation of the user
account or disciplinary legal action as appropriate.
Board Policy 11/99
ADMINISTRATIVE PROCEDURES –– EMPLOYEE USE OF DISTRICT ELECTRONIC INFORMATION SYSTEMS
Employees are authorized to use the District’s electronic information systems in accordance with user obligations and
responsibilities specified below.
a. The employee in whose name an online services account is issued is responsible for its proper use at all times. Users
shall keep personal account numbers, home addresses and telephone numbers private. They shall use the system only
under their own account password.
b. Employees shall use the system only for instructional purposes, school District business, and incidental personal use.
Commercial and political use is strictly prohibited. The District reserves the right to monitor any online communications for
improper use.
c. Classified and certificated instructional personnel who utilize District electronic information systems in an instructional
setting will take reasonable precautions to ensure that students do not engage in activity prohibited by this Administrative
Procedure or that threatens systems security.
d. Violations of user obligations or responsibilities may result in the cancellation of user or other disciplinary action.
Violations include uploading, downloading or creating computer viruses and/or any malicious attempt to harm or destroy
District equipment or materials or the data of any other user.
e. Users shall not read other users’ mail or files; they shall not attempt to interfere with other users’ ability to send or receive
electronic mail, nor shall they attempt to delete, copy, modify or forge other users’ mail.
f. Users shall report any security problem or misuse of the network to the Superintendent/designee.
g. The PAUSD electronic information systems shall not be used to:
(1) Solicit, send, post, publish, store, or access harmful matter or material that is abusive, threatening, obscene,
pornographic, or sexually explicit, or that could be construed as harassment or disparagement of others on the basis
of race, national origin, sex, sexual orientation, age, religion, or disability. Harmful matter includes matter, taken as a
whole, which to the average person, applying contemporary statewide standards, appeals to the prurient interest, and
is matter which depicts or describes in a patently offensive way sexual conduct, and which lacks serious literary,
artistic, political or scientific value for minors. (Penal Code 313.)
(2) Encourage the use of drugs, alcohol, or tobacco, or promote any activity that PAUSD policy or the law prohibits.
(3) Transmit material over PAUSD electronic information systems in violation of any federal or state laws, including, but
not limited to, pornography and copyright laws. Copyrighted material may not be placed on the system without the
author’s permission. Users may download copyrighted material for their own use only.
(4) Urge the support or defeat of any ballot measure or candidate on PAUSD Electronic Information Systems.
Board Procedures 11/99
-9-
C.
INFORMATION TECHNOLOGY – DATA AND SERVICES/SECURITY, USAGE, AND RECOVERY
The Board of Education recognizes the importance of establishing procedures for data and services, usage, security and
recovery for computer resources for Palo Alto Unified School District (PAUSD).
The Department of Information Technology shall develop and maintain data security guidelines and standards to ensure
that all student, personnel, financial or other vital data residing on PAUSD computer and network systems receive
security protection from unauthorized use, access or distribution.
Board Policy 6/03
ADMINISTRATIVE PROCEDURES
I. To establish security procedures for Palo Alto Unified School District’s (PAUSD’s) computer systems.
A. Definitions
1. The term “security” refers to the procedures that ensure only the authorized and intended parties have access to
data and equipment.
2. The term “district resources” includes any services or other resources offered or owned by the PAUSD, including
but are not limited to: e-mail, file servers, and eHomework, among other examples.
3. The term “computer system(s)” includes all hardware, software and data in the PAUSD computer network,
including but not limited to mainframe computers, mini-computers, microcomputers, terminals, printers,
communications devices, operating system software, networking software, other systems software, applications
software and data.
4. The term “data system administrator” refers to the employee(s) designated in writing by the Superintendent as
responsible for defining, controlling and scheduling appropriate data collection and entry into, and for approving
the release of data from, designated computer system(s).
5. The term “level of access” defines the authorized read or update capability an individual has within the various
computer systems.
6. The term “users” refers to all individuals authorized to access the computer system.
7. The term “program manager” refers to an employee who has been assigned the responsibility for an
instructional/operational program within the PAUSD.
8. The term “terminal session” refers to the period of time during which the user of a computer system has access
to an interactive system.
9. The term “unauthorized communication” refers to any communication that violates the Technology Use Policy or
applicable local, state or federal laws.
10. The term “unauthorized site” refers to any physical site not part of the Palo Alto Unified School District.
B. Applicability
This procedure applies to all computer systems in PAUSD.
C. Authorization/Revocation of Access Level – The Director of Technology by dated and signed writing may authorize,
confirm or revoke access or levels of access of any identified individual to any designated computer system(s) or
PAUSD’s Secure Data Center(s), and by dated and signed writing may delegate or revoke delegation of such
authority to any PAUSD employee (including but not limited to any identified principal or site administrator, data
system administrator or program manager), subject to the following conditions and limitations and any additional
conditions or limitations designated by the Director of Technology:
1. Each and every PAUSD employee authorizing, confirming or revoking access or levels of access of any
identified individual to any designated computer system(s) or PAUSD’s Secure Data Center(s) shall promptly
provide the Director of Technology with a copy of each writing dated and signed by that PAUSD employee
authorizing, confirming, or revoking access or levels of access of any identified individual to any designated
computer system(s) or PAUSD’s Secure Data Center(s), including any conditions and limitations upon such
access;
2. Any PAUSD employee exercising such authority shall exercise reasonable care to ensure that each individual
authorized by that PAUSD employee to access any designated computer system(s) or PAUSD’s Secure Data
Center(s) follows all applicable laws, policies, rules and regulations regarding such access, including but not
limited to PAUSD’s Technology Use Policy, Student Records Policy, and these policies and procedures
regarding Information Technology – Data and Services/Usage, Security and Recovery; and
3. Each and every individual authorized access to any designated computer system(s) or PAUSD’s Secure Data
Center(s) shall exercise reasonable care to ensure that only authorized individuals are allowed access, including
- 10 -
but not limited to checking whether any other individual is authorized before allowing access, by reference to
list(s) posted by the Director of Technology or as otherwise directed by the Director of Technology.
Upon the effective date of these policies and procedures, each principal and other site administrator shall promptly
provide the Director of Technology with a written list identifying each individual having access and the level of access
of such individual to the designated computer system(s) at their site, and for each such individual shall either confirm
authority for such access in writing as provided above or advise such individual that these policies and procedures
prohibit continued access and take all reasonable steps to ensure that such access does not continue.
D. Physical Security – Secure Data Center(s) are defined as an access controlled area or cabinet containing district
servers or networking equipment.
1. Entry into the Palo Alto Unified School District’s Secure Data Center(s) shall be restricted to authorized
individuals only.
2. The Director of Technology will establish and enforce guidelines for maintaining the security of the Secure Data
Center(s).
E. Data Security – Industry standard methods of providing data security such as, but not limited to, passwords, firewalls,
intrusion detection, encryption or authentication will be used as a means to prevent unauthorized use, access or
distribution of PAUSD data.
1. Authorization for Access
a. Data Network – Each data system administrator is responsible for identifying individuals who shall have
access to the PAUSD network and determining the level of access an individual shall have.
b. Network Access – Methods of authentication for network access will be based upon the degree of the risk
factor for network intrusion and compromise. Strong authentication is required for access to District
resources from outside the PAUSD network. There are some PAUSD systems intended for certain public
access; e.g., District Web site.
c. Termination of Access –School principals and program managers are responsible for maintaining a user’s
authorization log and for notifying the data system administrator when a user’s authorization for system
access is terminated.
d. User Awareness – The data system administrator shall be responsible for providing security awareness
information to school principals and program managers for dissemination to students, faculties and staff.
2. Passwords
a. Passwords for entry into the PAUSD network must be changed annually but shall be changed more
frequently upon request of the data system administrator.
b. Written system passwords shall be secured in a locked repository.
c. The Director of Technology shall coordinate with data system administrators and program managers the
exact time and date of password changes.
3. User Responsibilities
a. Computer system users shall not reveal their passwords to anyone without prior approval of the user’s
program manager, data system administrator or the Director of Technology.
b. Users shall be provided with an initial password that may be changed at the user’s discretion. User-created
passwords should meet Password Standards and Guidelines for Issuing Employee Accounts and Services.
c. A terminal session shall not be left unattended or unsecured.
d. A terminal session shall be properly terminated at the end of the task or workday, whichever comes first.
F. Unauthorized Use
1. Prohibitions
a. The transmission of unauthorized communications on computer systems equipment or telecommunication
devices is prohibited.
b. The use of computers for personal, commercial, political or private gain is strictly prohibited. Education Code
7054 (a) states that no school district funds, services, supplies, or equipment shall be used for the purpose
of urging the support or defeat of any ballot measure or candidate, including, but not limited to, any
candidate for election to the governing board of the district. Employees shall use the system only for
instructional purposes, school district business and incidental personal use.
- 11 -
c.
The downloading or installation of programs to the PAUSD computer systems without the written permission
of the Director of Technology is prohibited.
2. Compromise or Incidents
a. The data system administrator or program manager shall be immediately notified whenever passwords are
compromised or incidents occur that may result in the compromise of passwords or data.
b. The unauthorized use of computer system passwords by students or PAUSD employees shall result in
disciplinary action as deemed appropriate.
c. Violations of this regulation by persons not subject to PAUSD control or disciplinary measures that involve
suspected criminal activity shall be referred to the Palo Alto Police Department.
3. Responsibility
a. The Director of Technology shall be responsible for monitoring compliance with these procedures.
II. To provide guidelines and standards for the protection and security of the district’s computer workstation
systems and for the security of data and program files maintained on that hardware.
A. Definitions
1. The term “computer workstation(s)” includes all the hardware and software associated with any personal
computer, desktop computer, or laptop computer used on data network of the Palo Alto Unified School District
(PAUSD).
2. The term “network device(s)” includes the hardware and software that comprise the network infrastructure (LAN,
WAN); e.g., routers, switches, etc.
3. The term “backup” refers to the process of copying files resident on computer disk(s) onto either magnetic tapes
or additional disk(s).
4. The term “stand-alone” refers to a computer workstation not connected to any network.
B. Applicability
This procedure applies to all locations and to all applications using PAUSD computer workstations either in a standalone or networked environment.
C. Authorized Use
1. Only computer workstations owned by the District shall be used at the employee work location unless written
authorization is obtained from the school principal and program manager.
2. Confidential student information shall not be transferred to personal computers.
3. Only employees authorized by the school principal and program manager shall access PAUSD computer
workstations.
4. Only PAUSD employees authorized by the Director of Technology shall access PAUSD network devices.
5. The transport of any PAUSD computer workstation, network device or network configuration, program, or copy of
software or data to an unauthorized site without the written approval of the Director of Technology is prohibited.
D. Hardware Protection
1. It is recommended that all PAUSD computer workstations have surge protectors or conditioned power.
2. Fileservers shall have uninterruptible power supplies ample for the given requirement.
3. A back up service is available upon request.
4. System software, operating systems and programs are duplicated and stored by the Department of Information
Technology.
5. Backup media shall be kept in a secure physical location other than the location of the computer workstations.
6. All PAUSD computer workstations shall be located in an area that can be physically secured when the computer
workstation is not in use.
7. No non-PAUSD computer workstation shall be connected to the PAUSD network without the prior approval of
the school principal and program manager.
8. No network device shall be connected to the PAUSD network without the prior approval of the Director of
Technology.
E. Authorized Software and Data Protection
1. Only software approved by the Director of Technology can be used on a PAUSD workstation. In all cases,
software must have a proper license.
- 12 -
2. Software purchased by, or licensed by, the District shall not be copied except as authorized in a license
agreement or by law.
3. All access to data that is recorded on PAUSD computer workstations and servers is governed and limited by
existing policies and regulations for the protection of students, personnel, financial or other vital data information.
F. Responsibilities
1. Each school principal and program manager is responsible for ensuring the integrity and security of the data and
the physical security of the hardware and software on PAUSD computer workstations within their respective
school or program.
2. Each school principal and program manager is responsible for ensuring that each user who has a legitimate
educational interest understands the confidentiality of data and the appropriate procedures for securing all data
within their respective school or program.
3. Each user of a PAUSD computer workstation is responsible for ensuring the security of all their data that is
recorded on the user’s assigned computer workstation. Any computer that is used by a PAUSD employee must
be left in a secure state.
4. School principals and program managers are responsible for ensuring that security violations within their
respective school or program are reported to the Director of Technology.
5. The Department of Information Technology is responsible for maintaining the integrity and security of the
PAUSD network.
6. Public or private contracted business associates shall have authorized access if they have signed a
confidentiality agreement verifying that they will appropriately safeguard and maintain the integrity of data. Data
is the property of PAUSD.
Board Procedures 6/03
- 13 -
D.
STUDENT RECORDS/ACCESS TO AND RELEASE OF INFORMATION
The Board of Education recognizes the importance of keeping accurate, comprehensive student records as required by law.
Procedures for maintaining the confidentiality of student records shall be consistent with state and federal law (Public Law 93-380
(Family Education Rights and Privacy Act of 1974 [FERPA] and Education Code Sections 49060-49078.)
The
Superintendent/designee shall establish regulations governing the identification, description and security of student records, as well
as timely access for authorized persons. These regulations shall ensure parental rights to review, inspect and copy student records
and shall protect the student and the student’s family from invasion of privacy.
The Superintendent/designee shall designate a certificated employee to serve as custodian of records, with responsibility for student
records at the district level. At each school, the principal/certificated designee shall act as custodian of records for students enrolled at
that school. The custodian of records shall be responsible for implementing Board policy and administrative regulation regarding
student records.
ADMINISTRATIVE PROCEDURES
1.
(Revised 6/03)
Definitions
a. Privacy of Information. Privacy of information means ensuring that confidential information contained in students’ records
is not disclosed without consent of the parent or a student 18 years of age or older, unless such disclosure is otherwise
required by law.
b. Confidentiality. Confidentiality refers to the obligation of those who have access to student records to disclose or transmit
information only to those parties listed in 7d (Release of Information).
c. Access. Access means a personal inspection and review of a student record or an accurate copy of a student record, or
receipt of an accurate copy of a student record, or an oral description or communication of a student record.
d. Parent. Parent means a natural parent, an adoptive parent or a legal guardian.
e. Student Record.
1) Student records include a range of information that is:
a) Directly related to a student
b) Recorded in any way, including, but not limited to, handwriting, print, computer media, video or audio tape, film,
microfilm, and microfiche
c) Maintained by education agencies or institutions, or by parties acting for the agency or institutions
d) Including but not limited to:
(1) Family information, such as name and address of the student, parent, emergency contact information, date
and place of birth, number of siblings
(2) Personal information, such as identification code, social security number, picture, or list of personal
characteristics that would make it easy to identify a student
(3) Grades, test scores, courses taken, academic specializations and activities, and official letters about a
student’s status in school
(4) Test records, answer sheets (including written responses to performance assessments and portfolios) and
records of individualized education programs
(5) Special education records
(6) Disciplinary records established and maintained by school officials
(7) Medical and health records that the school collects and maintains
(8) Documentation of schools attended, courses taken, attendance, awards conferred and degrees earned
(9) Video tape recordings of individuals or groups of students
2) A student record shall not include informal notes related to a student compiled by a school officer or employee, which
remain in the sole possession of the maker and are not accessible or revealed to any other person (except a substitute
who is temporarily performing the duties of that school officer or employee).
f. Directory Information is part of the student record that may be disclosed pursuant the Student Records/Access to and
Release of Information policy. Directory Information means one or more of the following:
1)Student/parent name
2)Address
3)Telephone number
4)Date and place of birth
5)Electronic mail address (E-mail)
6)Major field of study
7)Participation in school activities and sports
8)Weight and height of members of athletic teams
9)Dates of attendance
10)Diplomas and/or awards and honors received
- 14 -
11) Most recent previous school attended by student
(Revised 7/04)
g.
2.
3.
4.
5.
6.
Legitimate educational interest. A school official or employee’s legitimate educational interest refers to his or her
assigned responsibility relating directly to a student’s instruction, placement in grade, class or special program, discipline,
assessment of aptitude and/or achievement, counseling, guidance and the clerical tasks necessary to carry out these
responsibilities.
h. School officials/employees are defined as Board members, the district’s legal counsel or district employees charged with
responsibilities that qualify as legitimate educational interest.
Prohibition
a. It is the policy of this Board that student records available to school personnel shall be confidential and that the rights of
students and parents to privacy of such records shall be observed. The granting of access to student records to any person
or organization is forbidden, except as specifically provided by law and this policy.
b. Requests for student records from persons or organizations not specifically covered by this policy shall be referred to the
Superintendent/designee.
Maintenance, Retention and Destruction of Records
Student records shall be established, maintained, and destroyed according to the regulations of this policy and as specified in the
California Administrative Code (and revisions thereof), Title V, Part I, Division II, Chapter 2, beginning with Section 400 (and
revisions thereof).
Miscellaneous Provisions
a. Access Log. A log shall be maintained in each student’s cumulative record listing all persons or organizations requesting
or receiving information from the record. The log shall be open to inspection only by a parent or student 18 years of age or
older, and the school official/designee responsible for the maintenance of printed student records. The following types of
access should not be listed in the Access Log:
1) School officials/employees.
2) The student and the student’s parents.
3) Directory information released pursuant to the Student Records/Access to and Release of Information policy.
4) Access pursuant to a court order or subpoena if the issuing agency orders that the existence of the subpoena or the
information furnished in response not be disclosed.
b. Charges
1) The following shall be made available free of charge:
a) Two transcripts for a former student, or
b) Two verifications of records for a former student, or
c) Two transcripts for a current student.
2) A fee will be charged per transcript or per verification for every copy in excess of the above allowance.
3) The district may charge a fee per page to furnish portions of a former or current student’s record other than transcripts
or verifications.
c. Disciplinary Record. Whenever there is included in any student record information concerning any disciplinary action taken
by school personnel in connection with a student, the school maintaining such records shall allow the student’s parent to
include in such student record a written statement or response concerning the disciplinary action.
Transfer of Records
a. Transfer of Records to District. When a student transfers to the Palo Alto Unified School District, the student’s permanent
enrollment and scholarship record, or a copy thereof, shall be requested from the previous school or school district. The
school or district employee requesting such a transfer of record shall notify the parent of his/her right to review the record
and his/her right to challenge the content of the record.
b. Transfer of Records from District. When a student transfers from the Palo Alto Unified School District, the student’s
permanent enrollment and scholarship record shall be updated and transferred to the new school district or private school
upon request.
Rights of Parents – Access and Challenge
a. Right to Access. Parents, including those divorced or separated, shall have the right of access to all student records
relating to their children maintained by this district, except that only the parent having legal custody may challenge the
content of the record, offer a written response or consent to release of records to others. However, if both parents have
notified the district in writing of an agreement between themselves that either parent may grant consent for release of a
record, the agreement will be honored by the district.
b.
Initiation of Request and Access Procedure.
1) The parent of a student shall have access to, or if requested, a copy of that student’s record within 5 days of a written
or oral request. The district must request verification of identity before a student’s educational records are released.
- 15 -
2)
c.
It is desirable, though not required, that an administrator/certificated designee be present to interpret and explain the
records to the parents.
Challenge by the Parent.
1) Upon inspecting and reviewing his/her child’s record, the parent of a student or former student may challenge the
content of the student record on one or more of the following grounds, by alleging:
(a) inaccuracy, or
(b) unsubstantiated personal conclusion or inference, or
(c) a conclusion or inference outside of the observer’s area of competence, or
(d) data is not based upon the personal observation of a named person with the time and place of the observation
noted, or
(e) information/conclusions are misleading, or
2)
3)
4)
5)
6)
7)
8)
9)
(f) violations of the student’s privacy or other rights.
The building principal/designee is authorized to modify the record in a fashion responsive to the challenge if, in his/her
judgment, the criticism is appropriate. In the event of a persistent disagreement over an entry in the record, the parent
shall forward, in writing, a statement of the challenge to the district Superintendent.
Within thirty days of receipt of such request, the Superintendent/designee shall meet with the parent and the
certificated employee (if any) who recorded the information in question (if such employee is presently employed by the
school district). The Superintendent shall then sustain or deny the allegations.
If the Superintendent sustains the allegations, s/he shall order the correction or the removal and destruction of the
information.
If the Superintendent denies the allegations and refuses to order the correction or removal of the information, the
parent may, within thirty days of the refusal, appeal the decision in writing to the Board. (The Superintendent or
governing board may use a hearing panel should it so desire under the procedure for challenging the contents of
student records.)
Within thirty days of receipt of such an appeal, the Board shall meet in Closed Session with the parent and the
certificated employee (if any) who recorded the information in question and determine whether or not to sustain or deny
the allegations.
If the Board sustains any or all of the allegations, it shall order the Superintendent to correct or remove and destroy the
information from the written records of the student.
The decision of the Board shall be final.
Records of the administrative proceeding shall be maintained in a confidential manner and shall be destroyed one year
after the decision of the Board unless the parent initiates legal proceedings.
If the decision of the Board is unfavorable to the parent, or if the parent accepts an unfavorable decision by the
Superintendent, the parent shall have the right to submit a written statement of objections and said statement shall
become a part of the student’s school record.
d.
7.
Right to File Complaint. The parent or eligible student has a right to file with the U. S. Department of Education a
complaint under paragraph 99.64 of the Family Educational Rights and Privacy Act (“FERPA”) concerning alleged failures
by the district to comply with federal regulations concerning student records.
e. Notification to Parents of Rights. The district shall notify parents of their rights to access and challenge student records
as specified in Education Code Section 49063.
Privacy of Student Records
a. Directory Information
1) Directory information shall not be released if a parent or adult student has notified the school district in writing that such
information relative to that particular student shall not be released.
2) A parent or adult student must notify the school district of his/her written prohibition within thirty days (30) of the receipt
of the annual notification of parents’ and students’ rights.
3) School officials may deny the release of specific directory information if the release of such information is deemed
contrary to the best interest of the student.
4) Directory information shall not be disclosed to private or profit-making entities other than those mentioned below.
5) Unless a parent or adult student specifically denies permission, directory information may be released to:
a) The PTA or any other parent or citizens’ group which, in the opinion of the district, is using the information to
promote the welfare of the students of the district.
b) Requesting private schools or post-secondary schools.
- 16 -
c)
d)
e)
f)
g)
h)
b.
c.
d.
Representatives of the news media.
Employers and prospective employers.
State or local law enforcement officers, including a probation officer, parole officer or administrator seeking
information in the course of his duties.
An officer or employee of a federal, state or county agency seeking information about a minor in the course of
his duties.
Requesting representatives of PAUSD alumni groups who are planning secondary school reunions.
Representatives of military services.
Statistical Data. Statistical data from which no student may be identified may be released to any public agency or entity or
private, non-profit college, university or educational research and development organization when the school official deems
that such actions would be in the best educational interest of students.
Access without Consent, Judicial Order, or Subpoena. Access to student records by any person or organization without
written parent consent or judicial order is forbidden, except that access to these particular records relevant to the legitimate
educational need of the requester shall be permitted to the following:
1) Any person for whom a parent or parents of the student has executed written consent specifying the records to be
released and identifying the party to whom the records may be released. The consent notice shall be permanently
kept with the record. The recipient must be notified that the transmission of the information to others is prohibited
without written consent.
2) School officials, employees of the district and a member of the School Accountability Review Board (SARB), provided
that any such person has a legitimate educational interest to inspect the record.
3) Officials and employees of other public schools or school systems and/or state correctional facilities where educational
programs leading to high school graduation are provided, where the student intends to, or is directed to, enroll.
4) Authorized representatives of the Comptroller General of the United States, the Secretary of Education, an
administrative head of an education agency, state education officials or their respective designees, or the United
States Officer for Civil Rights, where such information is necessary to audit or evaluate a state or federally supported
education program or pursuant to a federal or state law, provided that except when collection of personally identifiable
information is specifically authorized by federal law, any data collected by such officials shall be protected in a manner
which will not permit the personal identification of students or their parents by other than those officials, and such
personally identifiable data shall be destroyed when no longer needed for such audit, evaluation and enforcement of
federal legal requirements.
5) Other state and local officials to the extent that information is specifically required to be reported pursuant to state law
adopted prior to November 19, 1974. Verification of the official’s authority to require this information may be required.
6) Parents of a student 18 years of age or older who is dependent as defined in Section 152 of the Internal Revenue
Code of 1954.
7) A student 16 years of age or older or having completed the tenth grade who requests such access.
8) Any district attorney who is participating in or conduction a truancy mediation program pursuant to Section 48263.5 or
Section 601.3 of the Welfare and Institutions Code, or participating in the presentation of evidence in a truancy petition
pursuant to Section 681 of the Welfare and Institutions Code.
9) A prosecuting attorney for consideration against a parent for failure to comply with the Compulsory Education Law or
with Compulsory Continuation Education.
10) Any probation officer of district attorney for the purposes of conducting a criminal investigation in regards to declaring a
person a ward of the court or involving a violation of a condition of probation.
11) Any judge or probation officer for the purpose of conducting a truancy mediation program for a pupil, or for purposes of
presenting evidence in a truancy petition pursuant to Section 681 of the Welfare and Institutions Code. The judge or
probation officer shall certify in writing to the school district that the information will be used only for truancy purposes.
If the district releases pupil information pursuant to this section, the district shall inform or provide written notification to
the parent of the pupil within 24 hours of the release of the information.
Release of Information. Information from student records may be released to the following:
1) Directory information as per sections 1-f and 7-a.
2) Appropriate persons in connection with an emergency if the knowledge of such information is necessary to protect the
health, safety or welfare of a student or other persons. Any release pursuant to this section shall be reported to the
Superintendent as soon as is practicable.
3) Agencies or organizations in connection with the student’s application for, or receipt of, financial aid.
4) Accrediting associations in order to carry out their accrediting functions.
5) Organizations conducting studies for, or on behalf of, educational agencies or institutions for the purpose of
- 17 -
8.
developing, validating or administering predictive tests, administering student aid programs and improving instruction, if
such studies are conducted in such a manner as will not permit the personal identification of students or their parents,
and if such information will be destroyed when no longer needed for the purposes for which it is conducted.
6) Officials and employees of private schools or school systems where the student is enrolled, or intends to enroll. Such
information shall be in addition to the student’s enrollment and scholarship records that may be transferred pursuant to
Section 5.
7) Public or private contracted business associates (statistical, database, etc.) who have a relationship with the district
and have a need to know in order to perform the functions required by the contract with the district. Each public or
private contracted business associate must sign a confidentiality agreement verifying that they will appropriately
safeguard and maintain the integrity of data for all student information. Student data is the property of Palo Alto Unified
School District. Any agency or institution that inappropriately re-releases personally identifiable information from an
education record shall not have access to education records for five years.
e. Judicial Orders/Subpoenas.
1) Information concerning a student shall be furnished pursuant to a court order or a lawfully issued subpoena. The
school employee who complies with the judicial order or subpoena shall make a reasonable effort to notify the parent
and the student in advance of compliance, unless such notification would violate the requirements of a court order.
2) The service of a subpoena upon a public school employee solely for the purpose of causing him to produce a school
record pertaining to any student may be complied with by such employee, in lieu of personal appearance as a witness
in the proceeding, by submitting to the court, or other agency issuing the subpoena, at the time and place required by
the subpoena, a copy of such record, accompanied by an affidavit certifying that such copy is a true copy of the original
record on file in the school office.
3) A copy of the record shall be in the form of a data file, photostat, microfilm, microcard or miniature photograph or other
photographic copy or reproduction, or enlargement thereof.
Locations of Student Records. The principal at the school in which the student is enrolled maintains individual student print
cumulative records. When students leave the district at the elementary level, the Supervisor of Central Attendance maintains
their print cumulative records in the District Office at 25 Churchill Avenue. When students leave the district at the secondary
level, their print cumulative records are maintained at their last school of attendance for five years and are then forwarded to the
Supervisor of Central Attendance in the District Office at 25 Churchill Avenue.
Individual student electronic records are stored on the Student Data Management System. When students leave the district,
electronic records are archived in an electronic format at 25 Churchill Avenue and maintained in the District Office fireproof vault.
(Revised 6/03)
- 18 -
E.
GUIDELINES FOR NETWORK USAGE
Reviewed and approved by the District Technology Committee April 2003
1.0 BACKGROUND AND PURPOSE
This document comprises a set of guidelines for the proper use of the Palo Alto Unified School District network
resources, equitable access, effective protection for its users, and management of those resources. This document
serves to supplement federal, state, and local laws and should be broadly interpreted where applicable. Schools
are encouraged to add site-specific guidelines, with the permission of the Director of IT, that supplement this
document without lessening the intent of these guidelines.
2.0. DEFINITIONS
2.1.
Authorized Use
Authorized use of the Palo Alto Unified School District network shall be limited to education, research,
and incidental personal use.
2.2.
Authorized Users
Authorized users of the PAUSD network include the staff and students of the Palo Alto Unified School
District in current good standing with the administration.
2.3.
Authorized Personnel
Personnel authorized to perform maintenance and add network components to the PAUSD network are
those authorized by their job descriptions as stated by Human Resources.
2.4.
Authorized Access
Access to network resources is a privilege to all authorized users. Access to network and system
components is restricted to those specifically authorized by the Information Services and Technology
department. Students and staff do not have authorized access to any components unless under the
supervision or direction of authorized personnel.
2.5.
Network Components
Hardware and software that deliver services and resources to the network define the list of network
components. Authorized users have the privilege to install and maintain network components at the
discretion and supervision of the Director of Technology.
3.0 INDIVIDUAL RESPONSIBILITIES
3.1.
Responsible Use of the Network
Users are responsible for knowing what network resources are available and that other authorized
users share them. Users are responsible for accessing these resources in a manner consistent with
their implementation. The user is responsible for knowing and understanding the intended use of each
resource.
3.2.
Domain Names
Requests for new domain names and changes to existing domain names will be submitted to the
Information Technology Department.
Use of Individually Managed Systems
Individually managed systems include all systems used to access resources on the PAUSD network
that do not fall into the scope of network components or systems managed by authorized personnel.
Authorized users have a responsibility in maintaining the integrity and security of personally owned or
managed systems that access resources on the PAUSD network. Performing regular backups of user
data files, using and updating anti-virus software, and applying current security and maintenance
software patches.
Permitting Unauthorized Access
Authorized users may not run or configure software that will intentionally grant access to unauthorized
users.
3.3.
3.4.
- 19 -
3.5.
Attempts to Circumvent Network Security
Users are prohibited from taking any action to circumvent or disable security systems in place on
network components. This extends to intercepting or decoding passwords or similar access control
information.
3.5a. Denial of Service Attacks
Perpetrating a denial of service attack on any host or server is strictly prohibited and is punishable
under the Technology Use Policy. Students and Staff are accountable to the provisions specified in
their school’s network use contract. All others are accountable by federal, state, and local laws.
3.5b. Harmful Activities
Harmful activities are prohibited and punishable under the Human Resources Technology Use Policy.
Examples include: IP spoofing, smurf attacks, intentional transmission of computer and e-mail viruses,
port scanning, disruption of services, damaging files, or intentionally damaging hardware or software
components.
3.6. Unauthorized Access
Users may not engage in activities that serve to:
• Obtain resources not authorized to them
• Deprive other users of authorized resources
• Gain unauthorized access to unauthorized resources by unethical or illegal means (i.e.
password cracking, security vulnerabilities, etc.)
3.7. Unauthorized Monitoring
Users may not monitor or capture electronic communications.
3.8. Software Licenses and Obligations
Users are obligated to have valid software licenses for any software not provided by Information
Technology. It is the user’s responsibility for maintaining the licenses for any non-District provided
software.
4.0. PALO ALTO UNIFIED SCHOOL DISTRICT IT RIGHTS AND RESERVATIONS
4.1.
4.2.
Security Procedures
PAUSD IT reserves the right to perform, evaluate, implement and enforce appropriate security
procedures in order to maintain the integrity of network components and communications.
Anti-harassment Procedures
PAUSD IT has the right to maintain a non-threatening online environment for its users. It reserves the
right to develop, implement, maintain, and enforce appropriate procedures to prevent harassment of
other users in the online community.
5.0. SANCTIONS AND DISCIPLINARY PROCEDURES
5.1.
5.2.
Investigative Contact
If a law enforcement representative contacts anyone regarding an alleged violation involving computer
or network resources, they must inform the director of PAUSD IT. It is the Director of Technology’s
responsibility to provide guidance to the law enforcement official.
Disciplinary Actions for Violations
Users found in violation of the network usage guidelines will be disciplined as defined by their network
usage contract.
- 20 -
F.
GUIDELINES FOR ISSUING EMPLOYEE ACCOUNTS AND SERVICES
Reviewed and approved by the District Technology Committee April 2003
E-MAIL
1. Accounts are granted to all regular contract employees. Hourly employees are not granted an account.
a. In the case of long-term substitutes and other anomalous users, the on-site supervisor may request an
account, if needed. Long-term subs are granted accounts for the term of their service.
2. New accounts are generally requested by Human Resources (HR) at the time the person is hired, except by request of
the Director of Technology.
3. Termination of accounts is initiated by Human Resources and as per the Director of Technology.
4. Exceptions have been made in the case of Adolescent Counseling Services employees who offer a core service at the
secondary schools and other District contracts as per the Director of Technology (i.e., Building for Excellence employees).
5. Accounts are deleted upon termination except in the case of pre-retirement and ongoing volunteer work for the District.
a. At the date of separation, Human Resources will direct IT to delete the user’s account or allow extended
service.
6. When new accounts are created, the user is sent a welcoming letter that defines the services available to them and
outlines their responsibilities as a user.
E-MAIL A DDRESS FORMATTING
1. Accounts are created with first initial last name.
a. In the event that the user has a hyphenated last name, the complete last family name will be used;
i.e., Mark Turner-Smith would be created as mturnersmith.
b. If two users have the same first initial last name combination (i.e., John Smith and Jackson Smith), the
first user will typically have already been created as first initial last name (jsmith) and the second user will
typically be assigned first two initials last name (jasmith).
c. Two users starting at the same time with the same first initial last name combination will be treated as if
they were both the second user (as in example 1b, josmith and jasmith.)
2. As of January 2003, all users’ addresses will be <username>@pausd.org.
3. Users are assigned e-mail addresses. Addresses will be changed as directed by HR to reflect changes in a legal name.
a. Users are currently not permitted to change their e-mail address to reflect middle names or nicknames;
i.e., John “Skip” Smith would be jsmith, not ssmith or skip. John William Smith would be jsmith, not
jwsmith or wsmith.
b. Users are not granted second e-mail accounts or aliases based on common permutations of their name;
i.e., Margot Schultz would be mschultz and would not have a secondary address of mshultz, even if
people typically sent mail to this misspelling.
PASSWORDS
1. Passwords are provided for user accounts to ensure user privacy, exclusive use of account privileges and account
security. Users are issued an account for their own exclusive use and are expected to respect other users’ right to their
own exclusive account.
2. Passwords should consist of five to eight characters, should be a mix of letters, numbers and other nonalphanumeric
characters, and should not contain biometric data such as user’s name, names of children or pets, or date of birth.
Passwords should also be easy for the user to remember. The passwords should never be written down where others
may find them.
3. If a user shares their password, they are waiving their right to exclusivity that could lead to loss of privacy or other less
desirable results.
4. The District issues the user’s first password. Upon receipt of the information, the user should change this password. It is
recommended that passwords be changed regularly throughout the year.
5. Passwords are used to access e-mail, file servers and the intranet from home.
- 21 -
6. Passwords on the District’s servers are changed on a quarterly basis. Three master copies of the password list are
created. One copy is retained by the System Administrator, one by the Director of Technology and one is locked in the
District vault in a sealed envelope. These lists are destroyed after the next list is created.
a. In the event that the System Administrator, Director of Technology or any employee possessing root
passwords leaves the District, the server passwords should be changed and the user’s accounts deleted
on their last day.
CALENDAR
1. District Electronic calendar accounts are provided to District Administration including Assistant Principals, Principals,
Directors, Assistant Superintendents, Deputy Superintendents and the Superintendent.
2. District Administration has the option of purchasing additional calendar accounts at the District cost via a budget transfer.
Please note that calendar licenses have a recurring maintenance cost.
3. When a user leaves an administrative position, their account is either deleted or transferred to their replacement. If the
account is not an administrative level account, the department or site will be given the option of retaining (at the
department or site's expense) or relinquishing the account.
DISTRIBUTION L ISTS
1. School sites use distribution lists to facilitate communication among employees.
2. The System Administrator sets up and deletes distribution lists.
3. Standard practice for distribution lists is:
a. Elementary Schools––The elementary schools each have two lists (<site>teachers and <site>staff.) The
System Administrator updates both lists.
b. Middle Schools––The middle schools have a large number of distribution lists with no standardization
between sites. The middle schools currently monitor and update their own distribution lists.
c. High Schools––The high schools have distribution lists broken down by department. For example,
gunn-art or paly-math. The high schools currently monitor and update their own distribution lists.
4. Additional lists will be created at the discretion of the System Administrator based on available time and the needs of the
sites.
5. The +herald@pausd.org list reaches the entire district e-mail user base. As such, it is important to protect it from abuse.
All requests to send e-mail to +herald@pausd.org must come through senior cabinet members and/or the Director of
Technology. Messages must conform to District policies and procedures and should not be used for frivolous or
unnecessary broadcasts.
6. There are other restricted lists that should only be accessed for important District business. All messages intended for a
restricted broadcast must be cleared by Cabinet or the Director of Technology prior to distribution.
ANTIVIRUS SCANNER
1. The District e-mail server uses an enterprise level antivirus scanner to check incoming mail for worms and viruses. This
scanner updates hourly. It does not prevent the delivery of the e-mail, but it does attempt to clean any infected
attachments. Uncleanable attachments are deleted. The District cannot guarantee that all viruses will be captured.
JUNK MAIL (SPAM)
1. Junk Mail (Spam) or Unsolicited Bulk E-mail, is an unfortunate fact of e-mail use at this time. In an effort to reduce the
amount of unsolicited e-mail that staff members must wade through during the course of the day, the District subscribes
to the mail-abuse.org Realtime Blackhole List. This is an actively maintained list of known junk mail (spam) sources. We
also manually maintain our own list of known spam sources. When an e-mail is submitted to the District’s mail server for
delivery, its originating mail server is checked against these two lists. If the server is listed on either, the message is
rejected.
Some e-mail of a graphic or otherwise unwanted nature will inevitably slip through the District’s safeguards. When this
happens, the user can either simply delete the message in question or contact their desktop support person for
assistance in getting the sender added to the District’s junk mail list.
- 22 -
FILTERS
1. The district provides junk mail filters for your PAUSD e-mail account. To enable the filters you need to go to
http://mail.pausd.org Enter your e-mail username (everything before the @ in your e-mail address) and password and
then click login. Click “Options” in the menu on the right. In the new window select “Message Filters.” In the window
“Message Filters” under “Edit” click on the “Pencil” icon. In the new window make sure that “Normal” is selected under the
“Select a Filter Condition.” In the “Select a Filter Action” be sure you select “Move to Junk Mail.” Click OK and you have
completed the process.
Remember to check your “Junk Mail” folder periodically for important mail that may have been caught by accident. If there
is a person(s) who is continually found in your “Junk Mail” folder and should be appearing in your regular “inbox,” in the
Junk Mail Control window you will see a window that you may add that person(s) to your “White List” to ensure that mail
from that sender(s) is never treated as Junk Mail. Periodically, delete the messages in your “Junk Mail” folder.
This filter will not catch all of your junk mail, but it should make life a little easier. If you have questions or are having
problems with the setup, please contact support@pausd.org.
SCHOOL ADMINISTRATION STUDENT INFORMATION XP (SASIXP)
The School Administration Student Information xp (SASIxp) program is the District’s student information database. All student
data is housed within this program and only authorized personnel are allowed access. Student information such as emergency
contacts, health, grades, attendance, etc. may be accessed and collected for specific state and federal reports, projections,
test scores and other required information. Authorized personnel must require access as part of their job and must receive
training prior to being given an account. Be advised that an account does not guarantee that SASIxp will be installed at the
user’s workstation.
Only workstations that are never accessed by students may have SASIxp installed. Any workstation in a student accessible
location must be password protected and occupied by authorized personnel or locked at all times. SASI data should only
accessed in the performance of official district business and by persons with a legitimate educational interest.
FUJI
Fuji is the staff file server site that allows you to connect to the “General” Fuji file share and also access individual, department
or personal file shares. Files and information may be shared among colleagues and documents may be edited by several
individuals with the assurance that the latest version is always located in Fuji. A Fuji server account acts as a file backup
account that is housed on a server at the District Office. The server is regularly backed up on tape ensuring the safety of your
files. Accounts may be initiated by contacting the Systems Administrator at 833-4252. If you do not have a site administrator
request the account for you, you will need to take picture ID to the District Office to obtain an account.
PROFESSIONAL DEVELOPMENT
Full day technology workshops are offered throughout the school year. All workshops run 8:15am-3:00pm at the
85A Computer Lab, and substitutes are provided. Topics range from webpage design to curriculum development for the web
to digital photography. Special sessions also are provided for secondary teachers about the District's InClass program, an
all-in-one system for posting course materials, assignments and grades.
Browse the complete workshop list online at: https://bob.pausd.org/ProfessionalDevelopment/WorkshopsClasses/index.cfm then go
under Technology and click on K-12 Technology Workshops.
For more information, contact Paula Hundley, the Technology TOSA, at: phundley@pausd.org or call 650-833-4241.
- 23 -
H.
E-MAIL WELCOME LETTER
username:
password:
Welcome to the Palo Alto Unified School District!
You have been issued an electronic E-mail account. This account is yours to use, but it is also your responsibility to make sure
that its use falls in line with district policies and procedures, and that others cannot access your E-mail. This means that you
must keep your E-mail password secure. Ideally you should pick a password that is difficult to guess (we suggest a mix of
letters and numbers), but that is also easy for you to remember and is 5-8 characters long.
USE
The primary purpose of your E-mail account is for instructional purposes, district business, and incidental personal use. The
district also has the right to review or monitor this particular account if we have probable cause to believe that it is being
improperly used. Improper use includes, but is not limited to: commercial or political use, both of which are strictly prohibited
and can lead to loss of your account; or using your account to transfer threatening, abusive, or sexually explicit materials. You
can read about all the "dos and don'ts" section at
https://bob.pausd.org/Support/TechPolicyGuidelines/TechnologyUsePolicy.cfm
(Please note: If you do not already have a personal account, you may wish to consider the various E-mail accounts
freely available on the Internet for such use. You should also remember that E-mail is an inherently insecure
medium, and it is possible for your mail to be misdirected or intercepted.)
TO CHANGE YOUR PASSWORD
• Open a web browser and go to http://mail.pausd.org
• Enter your Login (your E-mail address minus the @pausd.org) and your current password
• Click on "Change Password" from the options to the left of the screen
• Follow the directions on the screen
TO USE WEBMAIL
• Go to http://mail.pausd.org
• Enter your Login (your E-mail address minus the @pausd.org) and your password
ATTACHMENTS
You should also be aware of the danger presented by attachments. Attachments can often contain viruses or hidden
programs, and although the district does have facilities in place to catch any viruses that might be sent to our users, you
should still be aware that this possibility exists. If you get an attachment from an unknown person, or if you receive an
attachment you are unsure of, it is better to delete it than risk infection. If you are not certain what to do, you can always
consult one of the resources listed below.
TECH SUPPORT
We hope that your time on the PAUSD network will be trouble-free and productive, but if you do have a problem you have
several places to turn to for help:
• You can submit a HelpDesk Case
 Go to http://www.pausd.org/helpdesk
 Call 833-4243 for an account if this is your first time using the system
 Click "Login" and enter your new user name and password (remember these for future use)
 Click "Add New Trouble Ticket" (at the bottom of the screen) and enter the necessary information
• You can call Tech Support at 650-833-4243.
• You can use Desktop Support: Each school has a person who comes out to your site once or twice a week. Desktop
Support Team members will also usually be the ones to complete any trouble tickets you submit to the HelpDesk.
• *You can go to https://bob.pausd.org/Support/Technology/index.cfm for:
 A list of frequently asked questions
 A list of technical resources
Once again we would like to welcome you to the Palo Alto Unified School District. We hope you enjoy your time with us. If
you have any questions or problems, feel free to e-mail support@pausd.org or call 650-833-4252.
- 24 -
Please read the Terms and Conditions carefully, complete the
requested information and sign the Acceptable Use Agreement.
Please return the signed Agreement to Human Resources.
IX. TERMS AND CONDITIONS
1. Use of the Internet is a privilege granted for school and classroom-related projects. The employee shall use the
system only for instructional purposes, school district business and incidental personal use.
2. Violation of the PAUSD guidelines could be unethical and could constitute a criminal offense. Should an
employee commit any violation, disciplinary action, revocation of the user’s account or legal action may be taken.
3. An employee may waive all privacy rights to information that the employee publishes on the Internet.
4. PAUSD makes no warranties with respect to the Internet and specifically assumes no responsibilities for:
•
The content of any advice or information received by an employee from a source outside
PAUSD or any costs or charges incurred as a result of accessing or accepting such advice;
•
Any costs, liability or damages caused by the way the employee chooses to use his/her
Internet access;
•
Any consequences of service interruptions or changes, even if these disruptions arise from
circumstances under the control of PAUSD;
•
Any guarantees of confidentiality, even though PAUSD supports the privacy of electronic
resources;
•
Guaranteeing that an employee without consent for Internet use will never gain access to the
network resources.
5. I understand and agree to abide by the guidelines for Internet use as explained in the Technology User
Handbook– A Guide to the Internet and District Electronic Information Systems and the Terms and Conditions of
this Agreement.
- 25 -
PALO ALTO UNIFIED SCHOOL DISTRICT
TERMS AND CONDITIONS
1. Use of the Internet is a privilege granted for school and classroom-related projects. The employee shall use the
system only for instructional purposes, school district business and incidental personal use.
2. Violation of the PAUSD guidelines could be unethical and could constitute a criminal offense. Should an
employee commit any violation, disciplinary action, revocation of the user’s account or legal action may be
taken.
3. An employee may waive all privacy rights to information that the employee publishes on the Internet.
4. PAUSD makes no warranties with respect to the Internet and specifically assumes no responsibilities for:
• The content of any advice or information received by an employee from a source outside
PAUSD or any costs or charges incurred as a result of accessing or accepting such advice;
•
Any costs, liability or damages caused by the way the employee chooses to use his/her
Internet access;
•
Any consequences of service interruptions or changes, even if these disruptions arise from
circumstances under the control of PAUSD;
•
Any guarantees of confidentiality, even though PAUSD supports the privacy of electronic
resources;
•
Guaranteeing that an employee without consent for Internet use will never gain access to the
network resources.
5. I understand and agree to abide by the guidelines for Internet use as explained in the Technology User
Handbook– A Guide to the Internet and District Electronic Information Systems and the Terms and Conditions of
this Agreement.
ACCEPTABLE USE AGREEMENT
I have read the Technology User Handbook – A Guide to the Internet and District Electronic Information Systems and
understand that I must adhere to the principles and procedures detailed within.
Should I breach the guidelines noted above, I understand that I may lose all network privileges on the Palo Alto Unified School
District Network and be subject to disciplinary action, revocation of the user’s account and/or legal action may be taken.
User Name
School/Dept.
(Please Print)
User Signature
Date
Please return this page to H uman
Resources
- 26 -