Data governance is the system of rules, policies, and procedures used to manage and protect digital information. It helps to provide clear guidelines for how data is collected, stored, used, and shared with relation to students, staff, and operations. The importance of data governance is essential for:

• Protecting Privacy: Ensuring the confidentiality of sensitive information for our students, families, and staff, in accordance with privacy laws and ethical standards.
• Ensuring Data Accuracy and Reliability: Maintaining the integrity of data so that it is accurate and trustworthy for making informed decisions about student learning and district operations.
• Maintaining Security: Implementing measures to safeguard our digital information from unauthorized access, misuse, or loss, thereby protecting our community's data.
• Promoting Responsible Use: Guiding our staff and students in the ethical and appropriate use of digital resources and data.
• Complying with Regulations: Adhering to federal and state laws related to data privacy and security.
• Building Trust: Demonstrating our commitment to responsible data practices, fostering confidence among our families and staff that their information is handled with care and integrity.

Effective data governance helps us create a safe, secure, and trustworthy digital environment that supports our educational mission and protects our entire community.

In a digital world, "data" refers to any information that is collected, stored, and used electronically. This could include a wide range of information, from usage statistics of online tools to specific details related to students and staff. Effectively managing this data is crucial for providing a personalized and supportive educational environment.
A vital component of data is known as Personally Identifiable Information, or PII. PII is any information that, when used alone or combined with other relevant data, can identify an individual.

Examples of PII include, but are not limited to:

• Full name
• Student or staff identification numbers
• Email addresses
• Home or physical addresses
• Phone numbers
• Dates of birth
• Participation in officially recognized activities and sports
• Educational records

It is important to understand that even seemingly non-sensitive pieces of information, when linked together, could potentially identify an individual and therefore be considered PII. The district is committed to handling all data, especially PII, with the utmost care and in accordance with all applicable laws and policies to ensure the privacy and security of all stakeholders.

In the digital age, passwords are the first line of defense for protecting online information. Whether it's a school account, a personal email, or a financial institution, strong passwords are crucial. Reusing the same password across multiple accounts is a significant risk. If a cybercriminal gains access to one account, they can potentially access all accounts that use the same password. This can have a domino effect, compromising your entire online presence.

Here are some tips for creating strong, unique passwords:

• Length: Aim for passwords that are at least 12 characters long. Longer passwords are significantly harder to crack.
• Mix It Up: Combine uppercase and lowercase letters, numbers, and symbols. The more complex the combination, the better.
• Avoid Personal Information: Do not use your name, birthday, address, favorite sports team, pet name, or other easily guessable details.
• Think Phrases: Consider using a phrase as a base for your password. For example, "I love to read books!" can be turned into a complex password like "Il0ve2Re@dBookS!".
• Regularly Update Passwords: Change your passwords periodically, especially for sensitive accounts.
• Use a Password Manager: Password managers can generate and store complex passwords securely, reducing the need to remember them all.
• Enable Multi-Factor Authentication (MFA): When available, use MFA. This adds an extra layer of security by requiring a second form of verification, such as a code from your phone.

Your child's privacy is important, especially when it comes to technology and education. Here's a breakdown of key federal laws that protect their information:

• Children's Internet Protection Act (CIPA):
  
  • What it means: CIPA requires schools and libraries that receive federal funding for internet access to implement internet safety policies. This includes mandatory filtering and monitoring of online activity to protect children from harmful content, such as obscene material, child pornography, and content deemed harmful to minors. This often results in schools blocking access to certain websites and monitoring online activity on school networks.

• Children's Online Privacy Protection Act (COPPA):
  
  • What it means: COPPA protects the online privacy of children under 13. It requires websites and online services that collect personal information from children to obtain verifiable parental consent. This means websites and apps aimed at children under 13 must get your permission before collecting information like names, addresses, photos, or online contact details. When schools utilize online tools that gather data from children under 13, they must ensure COPPA compliance, and inform parents of what data is being collected.

• Family Educational Rights and Privacy Act (FERPA):
  • What it means: FERPA gives parents and eligible students (18 or older) certain rights regarding student education records. This includes the right to access and review education records, request corrections to inaccurate information, and control the disclosure of personally identifiable information. Schools must obtain written permission before disclosing this information, except in specific circumstances, such as to school officials with legitimate educational interests. This law applies to any school that receives funding from the U.S. Department of Education. Once the student turns 18, these rights transfer to the student.

The Arizona Department of Education has put together many resources for all stakeholder groups to learn about data privacy and help protect student data. Every person has a role to play...click to learn more.

The Family Educational Rights and Privacy Act (FERPA) is a federal law that requires Chandler Unified School District (CUSD) to obtain written consent before disclosing personally identifiable information from a student's education records.  However, the district can disclose "directory information" without prior written consent, unless parents/guardians have instructed the district otherwise.

Directory information is data that is generally not considered harmful or an invasion of privacy if released.  It allows the district to include student information in specific school publications like: playbills, school yearbooks, recognition lists, and graduation programs.

Directory information may also be shared with outside organizations (e.g., class ring or yearbook companies) without prior consent.  Additionally, federal law mandates that the district provide military recruiters with names, addresses, and phone listings upon request, unless parents/guardians have opted out.

Parents/guardians have the right to notify the district in writing if they do not want any or all of their child's information designated as directory information to be disclosed.

To find out more refer back to the student handbook or the Board Policy 5-303.