-
OPUSD Staff Technology Acceptable Use AgreementUpdated July 2024, new items are highlighted in yellow.
In accordance with Board Policy E4040(1):
This Staff Technology Acceptable Use Agreement (“AUA”) protects Oak Park Unified School District (“OPUSD”) and its employees by providing guidelines and regulations for the appropriate use of District technology, information, and communication. By using District technology, employees agree to abide by all of the terms described in this AUA. This AUA applies when District technology is accessed on or off-site, both through District-owned or personally-owned equipment or devices. This AUA complements and supports District Board Policy 4040, the Staff Social Media Guidelines and Best Practices as outlined in the District’s communication plan, as well as any other relevant Board Policy, state and federal law.
District technology includes District owned/managed computing devices, communication devices, network systems, and online information systems and services.
This AUA serves to:
- ensure district resources are used to promote the district’s educational goals;
- ensure district communication and information resources are accessible to all;
- ensure employees adhere to the highest standards of professionalism, integrity, and civility.
- protect the welfare and rights of students, families, and staff;
- protect the privacy and the security of student and staff information;
- protect the district’s network infrastructure, information systems, and equipment;
- protect intellectual property rights;
The District’s goal for using technology is to promote educational excellence in schools by providing appropriate access to information and learning for all students while facilitating critical thinking, creativity, communication, and collaboration. By integrating technology into the daily curriculum while promoting digital citizenship, educators train students to participate ethically in a dynamic global society.
Successful operation of District technology requires that all users conduct themselves in a responsible, confidential, ethical, professional, and polite manner, consistent with the District’s mission and goals, as well as all applicable laws and regulations.
LEGAL COMPLIANCE
District employees must obey all applicable laws and follow rules of professional conduct when using technology during the performance of their duties. Particular care should be exercised when transmitting confidential information about students, employees, and/or any other business of the District. Federal and state laws which apply include:
1. The federal Americans with Disabilities Act (1990) and the Rehabilitation Act of 1973 (sections 504 and 508), which establish regulations to ensure accessibility to information technology and appropriate accommodations for those with disabilities.
2. The federal Children’s Internet Protection Act (CIPA), which protects the safety and privacy of minors. The District uses requisite filtering technology to monitor and screen access to the Internet in an attempt to prevent online access to materials that are obscene, contain child pornography or are harmful to minors.
3. The federal Children’s Online Privacy Protection Act (COPPA), protects against the online collection of personal information from children under 13.
4. The federal Digital Millennium Copyright Act (DMCA) addresses copyright infringement in digital media.
5. The federal Family Educational Rights and Privacy Act (FERPA) protects the rights of students regarding access to, amendment, and disclosure of information contained in education records.
6. The federal Health Insurance Portability and Accounting Act (HIPAA) protects the rights of students and employees regarding confidential health information.
7. The federal Protection of Pupil Rights Amendment (PPRA) concerns the administration of surveys to students that cover eight protected areas and ensures student privacy, parental access to information, and prior parental consent.
8. The California Child Abuse and Neglect Reporting Act, AB 1775 (2014), which expands the definition of sexual abuse/exploitation to include a person who knowingly downloads, streams, or accesses digital media in which a child is engaged in an act of obscene sexual conduct.
9. The California Electronic Communications Privacy Act (CalECPA), also known as Senate Bill 178 (2015), which strengthens electronic privacy against access to data on electronic devices.
10. The California Student Online Personal Information Protection Act (SOPIPA), Assembly Bill 1584 (2014), and Senate Bill 1177 (2014), which protect student information and records with regard to operators of websites, online services, and applications that are marketed and used for K-12 school purposes.
11. The California Consumer Privacy Act of 2018 (CCPA), AB 375 extends protections for student Personally Identifiable Information (PII) up through age 16 (beyond the COPPA protections, which cover children up through age 13).
12. The California Public Records Act (PRA) was enacted to safeguard the accountability of government to the public, promote maximum disclosure of the conduct of governmental operations, and explicitly acknowledge the principle that secrecy is antithetical to a democratic system.
13. California Penal Code section 502, which prohibits unauthorized computer access.
14. California Education Code section 49073, et seq., which governs student data privacy laws and gathering information from student’s social media accounts.
GENERAL TERMS AND CONDITIONS
1. Employees have no specific ownership or possessory right in District-owned devices used or in the information stored or created therein.
a. Upon receipt of a District-owned device, employees may be the authorized possessor as defined in the California Electronic Communications Privacy Act (CalECPA). As an authorized possessor of a District-owned device, employees are responsible for using the device appropriately and for employment-related purposes.
b. Only the employee assigned by the District to the device may use the device.
c. The District may confiscate any District-owned device at any time and without cause. If the District confiscates a District-owned device, an employee is no longer the authorized possessor of the device.
d. District-owned devices are the property of the District. District-owned devices and the information contained therein may be assigned or used by other employees, on an as-needed basis, in furtherance of the District’s operational and administrative objectives.
2. Employees have no reasonable expectation of privacy when using district-managed technology and services.
a. An employee's use of District technology is a waiver of the protections of CalECPA. By using District technology, whether from personal or District-owned devices, employees grant specific consent, as defined by CalECPA, to the District to review and monitor all electronic communication information and electronic device information created, stored, or transmitted via District technology.
b. The data that employees create, store, and/or transmit using District technology is not private and is considered the property of the District, even when employees use a password to secure the device or service.
c. The District retains the right to inspect, delete, and report any apps, information, and files on District technology. Employees uncomfortable with this stipulation should refrain from loading personal information, files, apps, and email accounts onto District-owned devices.
d. Employees are prohibited from bringing illegal content onto District technology. The District will comply with all legal requirements for notification and reporting of any illegal activity or suspected illegal activity to law enforcement officials.
e. Employees who choose to access District technology services (e.g., the District’s network) on their personal devices acknowledge and agree to turn over their personally owned devices and/or equipment when requested by law enforcement officials as a condition of accessing District technology services from those devices. Employees who do not agree to these stipulations must refrain from using their personally owned devices and equipment to access and communicate via District technology.
f. Employees shall periodically examine their district electronic devices and purge them of any personal files, photos, and videos unrelated to the District’s educational mission.
3. Employees are to conduct official business and correspondence only through District-provided or District-managed accounts and not through their personal accounts. Official accounts include district email, Parent Square, and district webpages.
a. District/school business communications are subject to discovery pursuant to a subpoena, public records act request, or other lawful request.
b. District employees who conduct official District/school communications from their own personal, non-district issued devices acknowledge and agree that, in doing so, those personal devices may be subject to discovery and disclosure pursuant to a subpoena, public records act request, or other lawful request.
c. District and/or school records maintained on any personally owned device or official communications sent or received on a personally owned device may be subject to discovery and disclosure, pursuant to a subpoena, public records act request, or other lawful request.
d. District-provided email accounts are strictly for educational business use and shall not be used for personal purposes.
e. Staff will adhere to the OPUSD Staff Social Media Guidelines when using social media with students.
4. Accounts used to access District technology services and data systems must be kept secure (e.g., device logins, email, file storage, student information systems, electronic grade books, attendance and grade reporting functions, staff data systems, etc.)
- Employees shall keep their passwords secure and shall not write down their passwords anywhere near the computer or where a student or other unauthorized user might discover them.
- Employees shall not give their login credentials (such as passwords) to students, teacher assistants, aides, or other users nor allow them to access or input grades or attendance information into the district’s student information systems.
- Staff are required to follow all district established cybersecurity protocols (including multi-factor authentication (MFA) to access district technology tools and services including computers, email systems, student information systems, and/or other electronic or online resources. Secure authentication methods may include the use of a smartphone authenticator app (on employee’s own personal smartphone), physical security key (provided by the district), and/or other district-approved method.)
5. Staff shall promote information security and uphold staff and student data privacy when working with third-party vendors and online resources.
- In order to ensure student data remains private and protected from unauthorized use or sale, staff shall not use third-party websites or digital resources that use student email accounts for login that don’t have a current and valid California-National Student Data Privacy Agreement CSDPA/NDPA agreement in place with Oak Park USD or other data privacy agreement that has been approved by the district technology department.
- Staff may use third-party websites and digital resources with students when those tools/resources do not require students to authenticate with their district email account nor provide any Personally Identifiable Information (PII) including email addresses. (Students may use a teacher-generated join code without providing any personally identifiable information.)
PROHIBITED USES
The following list is intended to provide employees with examples of prohibited conduct. It is not intended to serve as an exhaustive list of potential employee misconduct related to technology use:
1. Creating or transmitting material that a recipient might consider disparaging, harassing, and/or abusive based on race, ethnicity, national origin, immigration status, sex, gender, sexual orientation, age, disability, religion, and/or political beliefs.
2. Accessing, creating, publishing, or transmitting harmful or inappropriate matter that is sexually explicit, obscene, or threatening or that promotes any activity prohibited by law, Board policy, or administrative regulation;
3. Creating, transmitting, or publishing defamatory material;
4. Engaging in plagiarism;
5. Infringing upon copyright, including software, published texts, and student work, or storing and/or public showing of audio and video media for which proper license or ownership is not maintained;
6. Transmitting commercial and/or advertising material;
7. Proselytizing, whether religious or political;
8. Interfering with the normal operation of District technology, including the willful propagation of computer viruses, use of spyware, or other malware;
9. Causing congestion or disruption to the District network through inappropriate downloads of large files, streaming audio/video not directly related to providing instruction or district business, or other such non-work-related activities;
10. Accessing, changing, or using another person’s account, files, output, records, or username for which one does not have explicit authorization to do so.
EQUIPMENT CARE AND LOSS
Employees are expected to treat District property including technology such as laptops or mobile computing devices with care. Reoccurring or willful damage to District-owned device(s) may result in the employee being held responsible for the cost of repair or replacement. Staff are to avoid using their district devices while eating food or with open beverage containers nearby.
If a District device is lost or stolen from an employee, the staff member shall obtain a police report and provide it to the district so the district can seek reimbursement from insurance.
STAFF COMMUNICATIONS
Accountability, Discretion, and Professionalism: Employees should exercise discretion and professionalism with all online communications and postings, both personal and job-related. Employees must understand that they are always accountable for their postings, social media content, and other electronic communications.
Interacting online with colleagues, students, parents, and alumni should be considered the same as interacting with those individuals or groups face-to-face. Social networking sites (e.g., Facebook, Instagram, TikTok, Tumblr, X, Pinterest, etc.), school-based content and learning management systems, e-mail, texting, picture and video-based share sites (e.g., TikTok and YouTube) should never be used to disparage, harass, intimidate, or violate privacy. The use of websites, blogs, wikis, and media share tools should always be used in accordance with standards of professionalism and employee conduct as outlined in this AUA.
Discretion and prudent judgment in social networking activities are essential for protecting the District, its students, and employees. If an Employee’s activity on a social networking site, blog or personal website violates this AUA, the District reserves the right to request that the employee cease such activity, and it may take disciplinary action up to and including termination.
Employee Maintained Webpages: Employees shall ensure that the publicly accessible webpages/websites they maintain shall be accessible to individuals with disabilities in compliance with Americans with Disabilities Act and Section 508 of the Rehabilitation Act of 1973. This may be done by adherence to Web Content Accessibility Guidelines (WCAG 2.0) (or updated equivalents of these guidelines) which helps to ensure that webpages can be correctly interpreted by automatic screen reading devices. Required accessibility criteria includes, but is not limited to, the following:
- Images: All images must contain an “alt tag” or long description
- Text Equivalents: Provide text descriptions to logos, pictures, icons, and audio
- Videos closed captioned: All videos on a school/district webpage must have closed captioning embedded within the video
- PDF Documents:
- PDF’s must have Accessibility Tags embedded (such as those edited with Acrobat Pro with Accessibility Tools enabled)
- Forms must be fillable fields in PDFs
- PDF documents should not contain scanned images
- Scanned documents must be converted to text using OCR (Optical Character Recognition)
- HTML Headings: must use Headings ,<h1>, <h2>, <h3> in formatting webpage (not pasted from MS Word)
- Tables: Column and Row headings must be meaningful and descriptive
- Animations (Flash): Avoid flashing or blinking, no more than 1 flash/sec, presentation transitions no less than 5 seconds
- Links: must not be broken, and those pointing outside of district/school should have a written warning that clicking on that link will cause the user to leave the district/school website
Employees needing assistance implementing the above-stated criteria on employee-maintained webpages should contact the District's Director of Technology for support.
Use of Student Images and Work: The District considers photographs (including digital photos) to be directory information and thus may be used without explicit permission by the District for non-commercial purposes within digital, online, and traditional publications in accordance with California Education Code section 49076 and Title 34 of the Code of Federal Regulations. In order to safeguard student privacy, staff shall not post photos and/or student work along with the names of students on school or district websites unless they have received explicit written permission from both student and parents to do so. Staff may post student photos and student work without names, or post student names without photos (unless a parent has submitted a Media Release OPT OUT Form to the school office indicating that they do not wish their child’s photo to be published at all). Prior to publishing student images, staff shall consult the District's directory information list to determine whether students shown in the image have not submitted an OPT OUT Form.
Use of Electronic Communication with Students: Employees should communicate with students primarily through district-provided e-mail, Google Classroom, or the Parent Square communications platform. Employees shall refrain from messaging (e.g., iMessage, Snapchat, etc.) or any other texting, photo or video communication with students on a personal basis not directly tied to an educational activity. This is especially true with regard to services whose messages disappear after receipt.
Employees may use social networking tools for appropriate educational purposes but should only use accounts created specifically for class communication and not a personal account. Such purposes may include clubs, athletic teams, and co-curricular activities. Employees must adhere to COPPA in relation to student privacy and identity.
According to Board Policy 4119.24, Maintaining Appropriate Adult-Student Interactions, district staff are prohibited from "[5.] Creating or participating in social networking sites for communication with students, other than those created by the district, without the prior written approval of the principal or designee" and “[6.] Inviting or accepting requests from students, or former students who are minors, to connect on personal social networking sites (e.g., "friending" or "following" on social media), unless the site is dedicated to school business.” To maintain compliance with the board policy requirements, teachers and staff will obtain prior written permission to use social media accounts with students by completing the OPUSD Social Media Registry application form (http://bit.ly/OPsocialmediaRegistry) annually and waiting for that written permission (such as an email reply) from their site principal/administrator before using that platform with students for the following school year.
Please see the District’s Social Media Guidelines and Best Practices outlined in the Communication plan for more information.
SOCIAL NETWORKING
Use of Social Networks for Development, Alumni, and Admissions Purposes: The District has determined that it is in its best interest to establish a social networking presence (e.g., Facebook, Twitter, or other social media sites) for development, alumni relations, marketing, and other school-related purposes. All official contacts or postings to these sites will be under the direction of the District Office and Administration.
Employment-Related Friends (co-workers, supervisors, and subordinates): Employees in supervisor/subordinate relationships are strongly encouraged to use caution due to the potential for both parties to feel awkward or pressured to accept a “Friend” request for business purposes. Such awkwardness or pressure potentially impacts the work and social relationships and may raise allegations and concerns about conflicts of interest, unequal treatment, discrimination, or harassment.
Privacy Settings: Employees should carefully review their privacy settings and exercise care when posting content and information in their online profiles. The District strongly encourages employees to have the highest level of privacy settings on both their personal and professional accounts. Employees should review their personal pages regularly, especially when content is posted by others.
FREE SPEECH
A District employee acting in an individual capacity and outside the scope of employment may, during non-working time, express views and opinions that do not necessarily state or reflect those of the District. Any such expression shall neither state nor imply that it is made on behalf of the District. A District employee shall not communicate information otherwise prohibited by District policy and procedures using District technology.
INTELLECTUAL PROPERTY
The District recognizes that employees may create instructional materials or online resources in the course of their employment in carrying out their duties as educators. The District shall retain a non-exclusive perpetual license to use, modify, and adapt the materials and resources created while under employment by the District for the purpose of carrying out the staff member’s duties. The materials and resources otherwise remain the property of the author, who is free to take the material (aside from private or confidential student records) with them when they leave the District.
Misuse of technology may result in discipline, penalties under applicable laws, and/or the loss of use of technology. Users may be held accountable for their conduct under any applicable District policy or collective bargaining agreement. Illegal reproduction or distribution of software and other intellectual property protected by U.S. copyright law is subject to civil damages and criminal punishment, including fines and imprisonment.
STREAMING VIDEO
District staff are prohibited from using retail consumer streaming video services (such as Netflix, Hulu, Disney+, Amazon Prime, Apple TV, etc.) to show movies during class or for school events. Although teachers have some latitude for using copyrighted materials for instructional purposes under Fair Use guidelines of federal Copyright law, those fair use exceptions do not apply to consumer-oriented streaming video services (such as Netflix, Hulu, Amazon Prime, Disney+, etc.), which are only licensed to individual consumers (not schools) and whose licensing agreements specifically prohibit the showing of those videos in a public setting. Teachers wishing to show movies or other copyrighted videos in the course of “face-to-face” instruction must do so from legally purchased physical media (such as DVD or Blue-Ray disc) or through a K-12 licensed video streaming company (such as Swank Motion Pictures/Movie Licensing USA) with a license purchased for each specific performance.
ARTIFICIAL INTELLIGENCE USE IN THE CLASSROOM
In accordance with BP 4040, only AI systems and platforms that have been vetted and approved by the district (to ensure compliance with state and federal student data privacy regulations) may be used with students. At the start of each academic year or semester (for semester-only classes), teachers shall provide students and parents with written instructions about the teacher’s AI use policy, stating whether or under which circumstances students will be allowed to use AI in the course or class. Students and parents shall be asked to acknowledge and agree to the teacher’s AI policy in writing (or through Parent Square post/form):
If students will be prohibited altogether from using AI for such class, that will be made clear and explicit in the AI use policy. If the teacher allows the use of AI on a case-by-case or assignment-by-assignment basis, then the AI use policy shall state that the use of AI is prohibited unless the teacher explicitly authorizes the use of AI on a particular assignment or project. For each assignment or project where students will be allowed to use AI, the teacher shall clarify both orally and in writing the scope and purposes for which AI may be used, and the consequences for violation (e.g., 50% credit). Teachers shall use good faith efforts to have consistent, fair, and equitable policies and consequences within their course/class regarding the use of AI and shall use good faith efforts to coordinate with other teachers teaching the same class to develop consistent policies and consequences for the use of AI. Teachers shall guide and monitor student use of AI in their classes, ensuring that it aligns with the District’s Student Acceptable Use guidelines and policies.
Employees shall not share any personally identifiable information or confidential information with any AI platform.
Personally identifiable information includes but is not limited to, a person’s name, address, email address, telephone number, Social Security number, or other personally identifiable information. Confidential information includes, but is not limited to, information in a student’s education record such as their grades and information pertaining to an Individualized Education Plan.
LIMITATIONS ON DISTRICT RESPONSIBILITY
The District makes no guarantee that the functions or services provided by or through District Technology will be without defect or uninterrupted. The District is not responsible for any damages suffered while utilizing District Technology. The District is not responsible for any loss or damage incurred by an employee as a result of his/her personal use of District Technology. The District is not responsible for any financial obligations arising from unauthorized use of District Technology.
—---------------------