Policy Details Page
The Board of Directors finds that accurate, timely and relevant data is a critical asset of Tacoma Public Schools. Protection of such data requires robust security protocols designed to prevent loss of data, financial risk, damage to the District’s reputation and legal consequences.
This policy and its accompanying regulation will establish processes by which District data will be collected, secured, accessed, used, stored, transported, disclosed and protected. All such processes will seek to minimize risk of unauthorized disclosure of data, whether accidental or deliberate, and will apply to anyone with authorized access to District data.
The Chief Information Officer (CIO) will direct and manage the District’s IT Security Team. The CIO, in conjunction with the security team, shall be responsible for:
• Implementing and enforcing a Data Security regulation established collaboratively by the CIO and the District Cabinet in compliance with this policy.
• Establishing, maintaining, and enforcing electronic and physical information security and access standards for all programs under the direction of the Superintendent or designee.
• Identifying and implementing best practices and standards for secure transport and storage of electronic data.
• Managing information security incidents, including establishing and communicating an incident response protocol.
• Informing all district information systems users of their individual responsibilities regarding data security.
• Conducting regular testing of district data systems for vulnerabilities and mitigating those vulnerabilities.
The Superintendent or his/her designee is authorized to adopt a regulation to implement this policy.
Cross References: 6973 – Acceptable Use Policy for Digital Resources
4040 – Public Access to District Records
20 U.S.C. § 1232g;
34 CFR Part 99 Family Educational Rights and Privacy Act
RCW 28A.320.015 School boards of directors – Powers
Chapter 28A.604, RCW Student User Privacy in Education Rights
Adoption Date: 4/11/2019