I certify that I am currently employed by an authorized representative of the Office of the State Superintendent of Education (OSSE), and that I am accessing educational records in the District of Columbia’s State Longitudinal Education Database (SLED) solely for evaluation, audit, enforcement, or compliance activities pursuant to an active data-sharing agreement with OSSE. I agree not to access any information of my friends, family, neighbors, co-workers, public figures, or other persons unless that information is legitimately necessary to carry out the OSSE-approved activities. I agree to protect any data that I access from further disclosure to any other person or entity. When I no longer need the data that I access from SLED, I agree to destroy the data in accordance with the data-sharing agreement with OSSE.
Data Privacy Information
The data contained in the Statewide Longitudinal Education Data (SLED) systems are kept confidential pursuant to the Family Educational Rights and Privacy Act (FERPA), which is a Federal law that protects the privacy of student education records, and the FERPA regulations promulgated by the Department of Education (20 U.S.C. § 1232g; 34 CFR Part 99).
Protected information includes, but is not limited to, the following:
· Names of students, parents or other family members
· Identifiers, including school IDs, unique identifiers, and Social Security Numbers
· Indirect identifiers, date of birth, place of birth, and mother’s maiden name
· Phone numbers (home, cell, office, etc)
· Special Education status/history
· Any other information that, alone or in combination, that would allow a personable person in the school community to identify the student
Protection of Data within SLED
· Information retrieved from SLED systems may be shared only with individuals expressly authorized to receive this information.
· Data must not be “screen scraped” or accessed by automated tools and used in any other program.
· All printed materials are to be marked as Personally Identifiable Information (PII).
· All sensitive information existing in hard copy must be stored in a locked container in a limited or exclusive area, an access controlled electronic environment, or be under the physical control of an authorized individual.
· All inquiries on student data shall be related to a legitimate business and/or educational interest of the organization and shall not be used or motivated by any personal interest of an employee of the organization.
· Electronic files must be properly encrypted.
· Never save unencrypted information on an unsecured drive, including a computer's hard drive.
· Never access data unless a legitimate relationship exists between the requestor and the student/student’s family.
· Never leave computers logged on and unattended. Log off at the end of each session or use access control software (i.e., screen saver with password) during unattended use.
· Never email FERPA- protected information except in an encrypted and password- protected attachment.
· Never provide a password in the same email as an encrypted document.
· Never view sensitive material while in a public place or on a shared, public computer.
Privacy of the SLED User Accounts
· Sharing SLED User Accounts and passwords is a violation and will result in the individual, and potentially the organization, permanently losing access to SLED Systems.
· The SLED User Accounts is assigned to an individual, not the organization.
· Only the individual to whom a SLED User Account is assigned can use that SLED User Account to access SLED system.
· Each individual is responsible for protecting his or her access, password, and the data in SLED systems.
· At no time should an individual be asked to provide their SLED system User Account
and password to anyone. This includes the employee’s supervisor or management.
· Individuals who are asked to provide their SLED User Account and password to anyone must contact the SLED Help Desk Technical Support Team at [email protected] immediately.
· An eligible organization that allows unauthorized access to the SLED system will be considered to have violated its responsibilities and places itself at risk of losing access to the SLED system.
· All organizations must train employees on the importance of maintaining the privacy of student data, and review its own policies, procedures, and agreements to ensure that it is in full compliance.
· An eligible organization shall maintain an accurate and current listing of your organization's active users and provide such list to OSSE upon request.
· Contact the SLED Help Desk Technical Support Team at [email protected] for deactivating users who are no longer employed or whose job no longer warrants access to the SLED system.
· It is required to report any person(s) to [email protected] that is identified as using and or sharing the SLED Data inappropriately.