The West Fargo School District believes that while collection and use of learner information is necessary to provide educational and learner support services, the district must implement safeguards to ensure information is appropriately protected and used to serve the best interests of learners. The purpose of this policy is to establish such safeguards.

Definitions

Directory information is defined as personally identifiable information contained in a learner education record that is generally considered not harmful or an invasion of privacy if disclosed and includes:

• Address
• Grade level
• Name (first and last)
• Photograph
• Email address
• Learner identification number if it cannot be used alone to access an educational record and is not the learner’s social security number
• Telephone listing
• Parent/Guardian contact information

Education record is defined as any record that directly relates to a learner and is maintained by the district or by a party acting for the district. This definition excludes law enforcement records and records in the sole possession of the maker used only as a memory aid.

Eligible learner means a learner who has reached the age of 18.

FERPA stands for the Family Educational Rights and Privacy Act.

Legitimate educational interest is defined as access that is needed in order for a school official to fulfill his/her professional responsibility.

Parent means a parent of a learner and includes a natural parent, a guardian, or an individual acting as a parent in the absence of a parent or a guardian.

Permanent record is defined as a record containing a learner’s name, address, phone number, record of grades, years enrolled, courses attended, and grades completed.

Personally Identifiable Information (PII) includes information maintained in the learner’s education record that could be used alone or in combination to trace a learner’s identity directly or indirectly and would allow a reasonable person, who does not have personal knowledge of the relevant circumstances, to identify the learner with reasonable certainty.

Record means any information recorded in any way including, but not limited to, handwriting, print, computer media, video or audio tape, film, microfilm, and microfiche.

School official is defined as an individual who has a legitimate educational interest in accessing learner educational records and is affiliated with the district in one of the following capacities:

• An individual employed by the district in an administrative, instructional, or support staff position
• School board members
• Contractors, consultants, volunteers, service providers, or other party with whom the school or district has outsourced institutional services or functions for which the school or district would otherwise use employees; records provided to these third parties must remain directly under the district’s control for purposes of maintenance and use and the third party must agree to comply with 34 C.F.R. 99.33(a). Examples include, but are not limited to, school resource officers, interns, learner teachers, the district’s attorney, PowerSchool, SLDS, learning management software, hot lunch tracking software, Viewpoint, and district alert systems.

Designation and Responsibilities of Privacy Officers

The superintendent or designee shall serve as chief privacy officer. In this role, the superintendent is responsible for learner information sharing requests from third-party individuals/entities other than parties to which the district reports learner information under law. The superintendent shall also maintain a master list of all individuals and entities having access to learner information, including school district personnel listed by title. To ensure this list remains current and is manageable to maintain, it shall not contain names of individuals who have access to data.

The superintendent may designate privacy officers at the district and building level. These privacy officers are responsible for:

1. Maintaining a list of school personnel by title who have access to learner information; this list shall be provided to the superintendent each time it is updated;

2. Submitting to the superintendent new requests to share learner information with third-party individuals and entities other than parties to which the District reports learner information under law;

3. Ensuring that access to learner information is granted only to the extent there is a legitimate educational interest and in accordance with this policy and any applicable agreements;

4. Enforcing this and other applicable district confidentiality and data protection policies;

5. Providing a list of learners who have opted-out of directory information to classroom teachers and other district staff who have a need to know.

Content of Educational Records

The education record shall include:

1. Basic identifying information about the learner and their family;
2. Proof of identity/certified birth certificate;
3. Attendance data;
4. Credits earned, grades, records of achievement in the basic skills and other progress reports;

If appropriate, such information as:

• Health information, including immunization records;
• Test results of achievement, aptitude, intelligence, and interest;
• Records pertaining to the identification, evaluation, placement, and progress of learners in special education;
• Other pertinent information that will enable school personnel to counsel with learners and plan appropriate learning activities.

Information Release Safeguards

Access by Parents and Eligible Learners

To ensure compliance with parental and eligible learner access requirements under FERPA:

• The district shall comply with a request by a parent or eligible learner to access education records within a reasonable period of time, not to exceed 45 days after receipt of a request.
• The district shall develop procedures for a parent/guardian/learner to review and amend educational records. These procedures shall include measures to verify the identity of a requesting parent/eligible learner. The regulations shall be delineated in district approved guidelines and disseminated annually in accordance with law.

Classroom Use of Instructional Tools Requiring Release of Learner Information

Teachers are encouraged to use instructional technological tools that allow for use of an alias or that do not require submission of directory information or PII. Whenever a teacher wishes to use an instructional tool that requires release of directory information, or PII the teacher shall submit a request to the building-level privacy officer. The privacy officer shall check the district’s master list of individuals and entities approved to receive learner information. If the entity is not on this list or the teacher’s request is beyond the scope of information sharing permission previously granted, the privacy officer shall either deny the teacher’s request or submit an information-sharing request to the superintendent for approval. If the teacher is authorized to use the instructional tool, the building-level privacy officer shall ensure the teacher complies with any parental consent requirements and directory information opt-out requests before using the tool.

Data Breaches

District employees are responsible for informing a privacy officer of any known or suspected breach of PII. When a privacy officer becomes aware of a breach of learner PII, s/he shall contact the chief privacy officer. The chief privacy officer shall determine if enactment of data breach response procedures contained in policy IDC and NDCC Ch. 51-30 is appropriate.

Information Storage and Destruction

Learner education records shall be reviewed annually and any records unnecessary for progression to the next grade level, not needed for college entrance purposes, not needed for extracurricular participation, not needed for disciplinary purposes, and records that are not part of the permanent record will be shredded or destroyed. Exceptions apply for any content that may reasonably be related to litigation or anticipated litigation (retain for six years after a learner turns eighteen), bullying reports (retain in accordance with policy ACEA), concussion documentation (retain in accordance with policy FCAF), executive session tapes (retain for at least six months), PowerSchool records, and special education records (retain in accordance with the Individuals with Disabilities Education Act).

Directory Information

The district may disclose directory information without parental/eligible learner consent if it has given parents/eligible learners a reasonable amount of time to opt-out of directory information release. Opt-out notices should be provided at the beginning of the school year and when a learner otherwise enrolls in the district. These notices shall contain a reasonable deadline of at least 10 days for parents/eligible learners to opt out.

The superintendent approves release of directory information as follows:

1. Publication on the district’s website and social media accounts
2. To superintendent -approved vendors for purposes of sale of school-related items such as, but not limited to, yearbooks, school pictures, graduation items, district apparel, and book orders
3. To military and college recruiters in accordance with applicable laws (NDCC 15.1-07-25.1 and 20 U.S.C. 7908)
4. To official district newspaper for purposes of recognizing learner accomplishments and coverage of extracurricular events
5. To school-affiliated groups for purposes of communicating and fundraising
6. To school-sponsored learner publications including, but not limited to, newspapers and yearbooks
7. When the superintendent receives and approves a directory information release request; directory information shall only be released and used for purposes specified in the release request and the superintendent shall add approved requestors to the district’s master list of individuals and entities having access to learner information. The superintendent shall develop criteria in regulations for approving and denying these requests.

Any district employee who wishes to disseminate learner directory information to a third party shall contact his/her privacy officer. The privacy officer shall determine if the superintendent has previously approved such release and, if not, deny the request or submit it to the superintendent for board approval. Upon superintendent approval, he/she shall instruct the privacy officer to ensure compliance with any opt-out requests made by parents.

Personally Identifiable Information (PII)

Any third party requesting or receiving access to learner PII must receive superintendent approval unless the third party is required to receive PII under state or federal law. Any school employee who wishes to share PII with a third party shall contact his/her privacy officer. The privacy officer shall determine if the superintendent has previously approved such release and, if not, deny the request or submit it to the superintendent for approval. Upon superintendent approval of any PII release request, the applicable privacy officer shall inform the requestor of any parental consent requirements (see #7) and ensure the requestor complies with such requirements.

Parental/eligible learner consent is not required to release PII under the following circumstances:

The district receives information under 42 U.S.C. 14071 and applicable federal guidelines about a learner who is a registered sex offender under section 170101 of the Violent Crime Control and Law Enforcement Act of 1994 (42 U.S.C. 14071), and the district has a need to disclose the learner’s status as a sex offender for safety purposes.

1. In connection with a health or safety emergency under the conditions described in 34 C.F.R. 99.36
2. If records have been de-identified by the District; third party individuals and entities that receive de-identified information shall be included on the district’s master list of individuals and entities having access to learner information
3. To a school official who has a legitimate educational interest in the education records if the following conditions are satisfied:
   1. Access shall be limited to only information the school official has a legitimate need to know
   2. School officials shall use the information only for the purposes for which the disclosure was made and shall not redisclose the information to any other party without proper consent or legal authority
   3. Titles of individuals and entities considered school officials shall be included on the district’s master list of individuals and entities having access to learner information
4. To a court without a court order or subpoena when the district initiates legal action against a parent/learner or a parent/learner initiates legal action against the district
5. To accrediting bodies for purposes of accreditation
6. To an organization conducting a study for the District to develop, validate, or administer a predictive test; administer learner aid programs; or improve instruction so long as the organization has entered into a written agreement with the superintendent in accordance with law; if the organization is conducting a survey of learners, the District shall ensure parents are notified in compliance with policy GCC and shall obtain parental consent, if applicable (see #7)
7. To another school in which the learner seeks, intends to, or is already enrolled
8. To authorized representatives of the Comptroller General of the United States, the Attorney General of the United States, the U.S. Secretary of Education, and state and local educational authorities for audit or evaluation of federal or state supported education programs or for the enforcement of or compliance with federal legal requirements that relate to those programs
9. To comply with a judicial order or lawfully issued subpoena; the District must make reasonable attempt to contact the parent/eligible learner before disclosure unless the court order instructs otherwise
10. To the parents of an eligible learner who is also a "dependent learner" as defined in IRS Section 152

11. To the state entity managing a learner information system so long as the organization has entered into a written agreement with the District in accordance with law; the data sharing agreement must include a clause that designates the department as an authorized representative of the District under FERPA for purposes of the statewide longitudinal data system.

The district will take measures necessary to ensure that individuals and entities to which PII is released shall only have access to information necessary to fulfill their responsibilities under law and to the district. Measures may include, but not be limited to, controlling access to computer data through password restrictions, controlled access to paper records, and ensuring that any information access agreements required by law are properly executed by the District.

When Parental Consent is Required

The district must obtain parental/eligible learner consent to release learner information under the following circumstances:

1. The superintendent has approved release of PII to an individual or entity not meeting the definition of school official under law and/or not meeting an exception to the parental consent requirement under FERPA
2. The superintendent has approved release of directory information, other than or in addition to name, or PII to an online service provider for commercial purposes and the impacted learners are under 13
3. When administering a survey funded in whole or in part by the U.S. Department of Education and concerning any of the following areas:
   • Political affiliations or beliefs of the learner or the learner’s parent
   • Mental or psychological problems of the learner or the learner’s family
   • Sex behavior or attitudes

   • Illegal, anti-social, self-incriminating, or demeaning behavior

   • Critical appraisals of other individuals with whom respondents have close family relationships

   • Legally recognized privileged or analogous relationships, such as those of lawyers, physicians, and ministers

   • Religious practices, affiliations, or beliefs of the learner or learner’s parent

   • Income (other than that required by law to determine eligibility for participation in a program or for receiving financial assistance under such program)

If the district is unable to obtain this consent, it shall not release the impacted learner’s information.

504 Plans and Individual Educational Programs (IEPs)

Sharing of learner information necessary for developing, amending, or implementing an IEP or 504 Plan and sharing learner information needed to determine eligibility for special education or disability services are not subject to board approval requirements in NDCC Ch. 15.1-07-25.3 because the district provides these services in fulfillment of requirements under state and federal law.

Policy Violations

Failure by a district employee or volunteer to comply with this policy, other district confidentiality requirements, or any improper disclosure of learner information by a school employee or volunteer shall result in disciplinary action up to and including dismissal in accordance with applicable law. Failure by a third party to comply with this policy, any information-sharing agreements between the district and third party, or any improper disclosure of learner information by the third party may result in termination of the third-party’s access to learner information and termination of the district’s agreement with the third party if permitted under the terms of such agreement.

Training

School officials employed or volunteering for the district shall receive information and/or training on confidentiality requirements pertaining to learner education records and consequences for breaching confidentiality. The district shall also provide training to applicable school personnel on the procedures for requesting to release learner information contained in this policy.

 

 

Adopted: 03/22/76

Reviewed:

Revised: 11/24/80

11/12/85

05/24/99

01/09/12

02/16/16

08/26/25