La lecture en ligne est gratuite
Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres
Télécharger Lire

6.19.5 NMAC NEW RULE DRAFT PUBLIC COMMENT

De
2 pages
TITLE 6 PRIMARY AND SECONDARY EDUCATION CHAPTER 19 PUBLIC SCHOOL ACCOUNTABILITY PART 5 STUDENT IDENTIFICATION SYSTEM AND ACCOUNTABILITY DATA SYSTEM: SECURITY MEASURES 6.19.5.1 ISSUING AGENCY: Public Education Department [6.19.3.1 NMAC – N, xxx] 6.19.5.2 SCOPE: This rule applies to all school districts and public schools, including charter schools. [6.19.3.2 NMAC – N, xxx] 6.19.5.3 STATUTORY AUTHORITY: Paragraph (1) of Subsection B of Section 22-2-1, Paragraph (1) of Subsection A of Section 22-2C-11, and Subsection I of Section 22-2C-11 NMSA 1978 [6.19.5.3 NMAC – N, xxx] 6.19.5.4 DURATION: Permanent [6.19.5.4 NMAC – N, xxx] 6.19.5.5 EFFECTIVE DATE: xxx, unless a later date is cited at the end of a section. [6.19.5.5 NMAC – N, xxx] 6.19.5.6 OBJECTIVE: The rule establishes security measures that shall be adhered to in the implementation of the system designed to address the requirement that the Public Education Department issue a state identification number for each public school student for use in the Accountability Data System. [6.19.5.6 NMAC – N, xxx] 6.19.5.7 DEFINITIONS: A. “Accountability data system (“ADS”)” means that system through which data from each public school and each school district is compiled and reviewed. B. “Accountability data system coordinator (“ADS coordinator”)” means that employee designated by the public education department (“PED”) as the point of contact for the implementation of ADS. ...
Voir plus Voir moins
6.19.5 NMAC
10/19/2004 3:04 PM
1
TITLE 6
PRIMARY AND SECONDARY EDUCATION
CHAPTER 19 PUBLIC SCHOOL ACCOUNTABILITY
PART 5
STUDENT IDENTIFICATION SYSTEM AND ACCOUNTABILITY DATA SYSTEM:
SECURITY MEASURES
6.19.5.1
ISSUING AGENCY:
Public Education Department
[6.19.3.1 NMAC – N, xxx]
6.19.5.2
SCOPE:
This rule applies to all school districts and public schools, including charter schools.
[6.19.3.2 NMAC – N, xxx]
6.19.5.3
STATUTORY AUTHORITY:
Paragraph (1) of Subsection B of Section 22-2-1, Paragraph (1)
of Subsection A of Section 22-2C-11, and Subsection I of Section 22-2C-11 NMSA 1978
[6.19.5.3 NMAC – N, xxx]
6.19.5.4
DURATION:
Permanent
[6.19.5.4 NMAC – N, xxx]
6.19.5.5
EFFECTIVE DATE:
xxx, unless a later date is cited at the end of a section.
[6.19.5.5 NMAC – N, xxx]
6.19.5.6
OBJECTIVE:
The rule establishes security measures that shall be adhered to in the
implementation of the system designed to address the requirement that the Public Education Department issue a
state identification number for each public school student for use in the Accountability Data System.
[6.19.5.6 NMAC – N, xxx]
6.19.5.7
DEFINITIONS:
A.
“Accountability data system (“ADS”)” means that system through which data from each public
school and each school district is compiled and reviewed.
B.
“Accountability data system coordinator (“ADS coordinator”)” means that employee designated
by the public education department (“PED”) as the point of contact for the implementation of ADS.
C.
“FERPA” means the Family Educational Rights and Privacy Act of 1974, codified at 20 United
States Code 1232g, and the implementing regulations at 34 Code of Federal Regulations Part 99.
D.
“Need to know” means the determination made by the local school district superintendent or
charter school administrator that an employee granted access to the student identification system in the performance
of the employee’s official duties has a legitimate educational reason for accessing individual student records. This
determination must be made subsequent to the beginning of each school year.
E.
“Student identification number” means that unique and consistent number assigned to each student
enrolled in the New Mexico public school system for whom data is reported to the accountability data system.
F.
“Student information system” means that collective system designed and implemented by a local
school district or charter school to record individual student information.
[6.19.5.7 NMAC – N, xxx]
6.19.5.8
SECURITY MEASURES: LOCAL SCHOOL DISTRICT AND CHARTER SCHOOL
REQUIREMENTS:
A.
Each local school board and each charter school must develop and implement a student
information system security policy that addresses the following minimum components:
(1)
establishes requirements for the issuance of passwords to ensure system integrity (for example,
the policy may specify the number of characters to be used, require that at least three (3) different types of characters
be used, and preclude the use of spaces);
(2)
requires the use of password protected screensavers with time-out;
(3)
prohibits sharing of passwords;
(4)
establishes an internal system for tracking and identifying individuals with access to the student
identification system, the type of access authorized, and the date, time, and location of any access; and
(5)
ensures that access is immediately terminated upon cessation of an individual’s authority for
access.
6.19.5 NMAC
10/19/2004 3:04 PM
2
B.
Each local school board and each charter school shall regularly review and, as appropriate, revise
its student information system security policy.
C.
The local school district or charter school may not use the student identification number on student
identification cards or display or utilize the student identification number within any other identification system that
is not part of the student identification system.
D.
Local school district superintendents and charter school administrators shall inform employees to
whom access to the student identification system is approved of the requirements of FERPA and the implementing
regulations to FERPA. If the local school district superintendent or charter school administrator has reason to
believe that the requirements of FERPA have not been adhered to by an employee having access to the student
identification system, the superintendent or administrator shall immediately cancel the individual’s access
authorization.
E.
Breach of security: The local superintendent or administrator of a charter school shall
immediately notify the PED’s ADS coordinator if the superintendent or administrator has reason to believe that a
breach of security has occurred with respect to the student identification system.
[6.19.5.8 NMAC – N, xxx]
6.19.5.9
SECURITY MEASURES: PUBLIC EDUCATION DEPARTMENT:
A.
The PED shall, at least annually, assess and strengthen as appropriate the system designed to
prevent unauthorized access to the student identification system.
B.
The PED shall install and utilize appropriate intrusion detection systems to collect information
from a variety of vantage points within its computer systems and networks and analyze this information for
symptoms of security breaches.
C.
The PED shall, on an annual basis, delete all user identification numbers and passwords, subject to
the following:
(1)
The PED shall inform local school superintendents and administrators of charter schools at least
twenty (20) days in advance of the deletion date.
(2)
The PED shall inform local school district superintendents and administrators of charter schools
of the procedures and timelines for reactivating user identification numbers and passwords.
[6.19.5.9 NMAC – N, xxx]
History of 6.19.5 NMAC: [Reserved]