3000 Administration

3100  SUPERINTENDENT OF SCHOOLS

In accordance with the New York State Education Law, Section 2507, the Board of Education shall employ a Superintendent of Schools to administer the affairs and programs of the District, pursuant to contract. The Superintendent shall be responsible for the implementation of the orders of the Board of Education, have administrative discretion over all personnel of the District and, as Superintendent, be responsible for carrying out the Education Law, Commissioner’s Regulations, and for advising the Board of Education on all matters relating to the operation of the School District.

Adopted September 22, 1975
Revised December 14, 1987
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

Back to the top

3120  DUTIES OF THE SUPERINTENDENT

The Superintendent of Schools shall have the responsibility to:

  • Establish educational program goals consistent with the purpose and continuing objectives of the School District.
  • Establish procedures for development, implementation and evaluation of curricula based on the state mandated and district goals.
  • Organize, reorganize and assign duties to the administrative and supervisory staff in a manner that best serves the interest of the School District and shall likewise be responsible for all general matters pertaining to business affairs, instruction, employee selection, placement and transfer.
  • Supervise and provide an annual evaluation of each member of the administrative staff.
  • Develop and manage a system of intercommunication between the School District and its many publics.
  • Authorize approval of out-of-district travel and attendance of employees at conferences, in accordance with the administrative plan.
  • Perform other duties as prescribed by Education Law 1711 (5) and 2508 and the Superintendent’s Contract.

Adopted September 22, 1975
Revised December 14, 1987
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

Back to the top

3130  SUPERINTENDENT’S CONTRACT

The Board of Education shall enter into a contract with the Superintendent of Schools for a period of not less than three (3) or more than five (5) years, for him/her to perform the duties and services as its chief district administrator.

Appendix A – Superintendent’s Contract

(Board members’ copies only)

Adopted September 22, 1975
Revised December 14, 1987
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

Back to the top

3131  USE OF DISTRICT VEHICLE(S)

The Board of Education may provide passenger cars or service vehicles for professional or support staff members, as required in carrying out duties.

All district vehicles will be labeled with Scotia-Glenville School District identification/stickers.

Adopted September 22, 1975
Revised December 14, 1987
Revised January 9, 1995
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

Back to the top

3140  EMPLOYEE LAPTOP USER POLICY AND AGREEMENT

District-owned laptop computers are the legal property of Scotia-Glenville School District and are provided to employees for use both on and off school grounds in order to enhance, enrich, and facilitate teaching and learning, administrative duties, as well as school communications.  Laptop computers are to be used for school-related business, curriculum enhancement, research, communications and other instructional purposes.  Internet activities must be consistent with this purpose.

Because Information Technology Resources are District provided benefits, there can be no expectation of privacy with respect to an employee’s use of Information Technology Resources, including computers whether hardwired, wireless or handheld, software, files (current or deleted, portable media, portable storage devices, mobile devices, the Internet and email, including attachments).  This includes, but is not limited to, accessing stored information, reviewing logs of incoming and outgoing information and messages, as well as the content of that information.

Incidental personal use of laptop computers must not adversely affect the performance of employee’s official duties or the organization’s work performance, must not be disruptive of co-workers or students, must be of  limited duration and frequency, should be restricted to matters that cannot be addressed during non-duty hours, effectiveness or usefulness of the District’s technology resources.

I understand that:

1.    I will follow and enforce all the rules and conditions of Scotia-Glenville School District’s Information Technology Policies and Procedures in addition to the following set of rules.  A currently signed Staff/Non-Student Network Access Permission and Internet Safety Contract must be on record.

2.    The laptop has district-standard software installed.   Additional district authorized software and education/professional software may be installed on this computer, assuming the completion of Software Acquisition Request Form legal licensing is provided and kept on record in the ITD, and prior approval from the ITD is obtained.

·         District-standard software may not be duplicated, transferred or downloaded to any other system or media.

·         Scotia-Glenville School District is not responsible for any service interruptions or loss of data.

·         Any data corruption or configuration errors caused by the installation of unauthorized software may require a complete re-imaging of the laptop and may result in loss of laptop privileges and possible disciplinary actions.

·         Any unauthorized use or installation of software may result in the loss of laptop privileges and possible disciplinary action.

3.    Antivirus software has been installed and configured for the laptop and will automatically download from internet connection.  No user interaction is required.  Windows Updates will automatically download from an internet connection and may require a restart.

4.    Consent from the IT Department is required to adjust or alter the laptop by the addition or deletion of any hardware.

5.    I will maintain backups of all files to external media or the district network drive.

6.    I will keep the laptop in good working order and will notify the IT Department of any defect or malfunction during my use.  Some repairs/issues may not be repairable.

7.    The IT Department reserves the right to collect laptops at any other times deemed necessary.

8.    I am responsible for the confidentiality and security of identifiable student information or other sensitive data on the laptop.

9.    The laptop should always be used under my supervision.  I will not allow my laptop to be used by an unknown or unauthorized person.  I assume responsibility for the actions of others while using the laptop.  I will not allow my network user account and password to be used by anybody other than myself.

10. I am permitted to use the laptop on a wireless network outside the Scotia-Glenville School District as long as it does not require me to install any additional firewall software or change any of my network configurations.

11.It is my responsibility for the security and care of the laptop.  (Laptop User Guidelines below)

·         If the laptop is lost, stolen, or damaged while on or off school property, the incident MUST be reported within 24 hours to the IT Department, Business Manager, and/or local police.

·         If the lost, stolen or damaged laptop and/or accessories is determined to be caused by negligence or intentional misuse, I will assume the full financial responsibility for repair costs or fair market value of assessed equipment.

12.I must return the laptop, including case, accessories and peripherals upon employment termination, transfer or retirement in accordance with the district’s exit procedures.

Back to the top

Laptop User Guidelines

It is the employee’s responsibility to keep their assigned laptop secure and protected at all times.  Due care should be taken in the handling, transporting and usage of the laptop.  Improper use or not being fully aware of safety issues can cause the laptop irreparable damage.

The following suggestions include:

a.    Use protected storage bags or carrying cases specifically designed for laptops.

b.    Lock laptops in cabinets or desks where possible.

c.    Use cable safety locks when necessary.

d.    Secure the laptop if you are temporarily leaving it unattended.

e.    Avoid creating a trip hazard when plugging in the laptop for power.

f.     Use car trunks or other means to keep laptops out of plain view; keep car doors locked.

g.    Be aware that extreme (hot and cold) temperatures in an enclosed vehicle will harm the laptop.

h.    Keep drinks, food, lotions and other harmful materials away from the laptop.

i.     Make sure that before you put the laptop into its carrying bag, it is left on in sleep mode.

j.     Inspect and clean the air vents in your laptop as part of your weekly routine.

k.    Operate your laptop on a hard surface preferably one that allows ventilation.

l.     Unplug any accessories whenever your laptop is not in use, even for short periods of time, as it uses power unnecessarily and can cause overheating.

m.  If your internet is delivered through DSL, cable or satellite, verify that your internet service provider (ISP) provides firewall protection.

Name: _____________________

Bldgs.(s):        _____ GD          _____ GW          _____ LN          _____ SA    _____ MS          _____ HS          _____ DO
_____ BG

Home Address:_________________________________

Phone (Home/Cell): (_____) _____-___________

Laptop Type:                          Model (near keyboard): unknown____________________

Asset Tag #____________________ Serial #/Service Tag:________________________

(all 6 digits of bar code) (Dell on bottom, HP under battery)

Date Taking Equipment: _____/_____/_______        £ Already have in possession

Date of Expected Return: _____/_____/_______      £ Permanent Assignment

Who is your ISP at home ? __________________________________________

Signature: _________________________________________

Date: ______________________

This policy will be reviewed annually to account for advances in technology and policy changes.  Any questions, concerns or interpretations of this policy not covered in this document will be resolved at the discretion of Scotia-Glenville School Administration and the IT Department.

First Reading 6/11/12
Adopted 8/13/12
Reviewed July 14, 2014
Reviewed July 13, 2015
Revised July 11, 2016
Revised July 10, 2017
Reviewed July 9, 2018
Adopted July 13, 2020
Reviewed July 12, 2021
Reviewed July 11, 2022
Reviewed July 10, 2023
Reviewed July 8, 2024

Back to the top

3145    INFORMATION SECURITY BREACH AND NOTIFICATION

The Board of Education recognizes the importance of protecting private information of individuals in accordance with applicable law and regulations. Consequently, the District is required to notify affected individuals when there has been or is reasonably believed to have been a compromise of the person’s private information, in compliance with the Information Security Breach and Notification Act (State Technology Law Section 208) and Board policy.

Any breach of the District’s information storage or computerized data which compromises the security, confidentiality, or integrity of personal information maintained by the District shall be promptly reported to the Superintendent of Schools and/or Board of Education.

A regulation has been developed to promulgate this policy.

State Technology Law Sections 202 and 208

(Link to search https://its.ny.gov/nys-technology-law)

NOTE:

Refer to Regulation: 3145-R Information Security Breach Guidelines Regulation

Refer to Form: 3145-F New York State Security Breach Reporting Form

First Reading August 14, 2017
Adopted November 20, 2017

Back to the top

3145-R INFORMATION SECURITY BREACH GUIDELINES REGULATION

The Board of Education values the protection of private information of individuals, in accordance with law, regulations, and best practices. The District will work to train staff to prevent breaches, identify breaches and to take action to rectify the situation should such a breach occur. The District is required to notify affected individuals when there has been or is reason to believe that there has been a compromise of the person’s private information, in compliance with the Information Security Breach and Notification Act (State Technology Law Section 208) and Board policy.

Definitions

“Private information” shall mean any information concerning a person which, because of name, number, symbol, mark or other identifier, can be used to identify that person in combination with any one or more of the following data elements, when either the personal information or the data element is not encrypted or encrypted with an encryption key that has also been inappropriately acquired:

Social security number;
Driver’s license number or non-driver identification card number; or
Account number, credit or debit card number, in combination with any required security code, access code, or password which would permit access to an individual’s financial account.

“Private information” does not include publicly available information that is lawfully made available to the general public from federal, state or local government records.

“Breach of the security of the system,” shall mean unauthorized acquisition or acquisition without valid authorization of computerized data which compromises the security, confidentiality, or integrity of personal information maintained by the District. Good faith acquisition of personal information by an employee or agent of the District for the purposes of the District is not a breach of the security of the system, provided that private information is not used or subject to unauthorized disclosure.

All private information stored electronically should be on secure, District-approved information management systems. Employees having access to private information should understand their personal responsibility for protecting student and employee information.

Determining if a Breach Has Occurred

In determining whether information has been acquired, or is reasonably believed to have been acquired, by an unauthorized person or person without valid authorization, the District may consider the following factors, among others:

Indications that the information is in the physical possession and control of an unauthorized person, such as a lost or stolen computer or other device containing information; or indications that the information has been downloaded or copied; or indications that the information was used by an unauthorized person, such as fraudulent accounts opened or instances of identity theft reported; or system failures; hardware or software failures where users cannot gain access to a system   (e.g. the network, FM, SIS) or its data.

Recognizing Additional Signs of a Breach

Signs that a computer or system may have been compromised or breached may include the following:

  • Abnormal response time or non-responsiveness;
  • Unexplained account lockouts;
  • Inoperable passwords;
  • Inability to open website homepage or unexplained changes/content to website;
  • Programs not running properly;
  • Lack of disk space or memory;
  • Bounced back e-mails;
  • Inability to connect to the network;
  • Continuous or increasing crashes;
  • Abnormal hard drive activity;
  • Connecting to unfamiliar sites;
  • Changes in browser settings; or
  • Extra or unfamiliar toolbars that cannot be deleted.

Employees should report a suspected data or computer breach to the Principal and/or designee and to the Assistant Superintendent immediately.

Investigation of Breaches

Breach investigations will be conducted by the Technology Department or a designee of the Superintendent, upon authorization by the Superintendent.  If necessary, law enforcement should be contacted when a breach is detected. Steps to be taken in a breach investigation may include:

Determine exactly what information was compromised (i.e., names, addresses, contact information, social security numbers, student or employee ID numbers, credit/debit card numbers, grades, birth dates, passwords);
Take immediate steps to retrieve data and prevent any further unauthorized disclosures;
Identify all affected records and students and/or employees;
Determine how the incident occurred, including which school officials had control of and responsibility for the information that was compromised;
Determine whether institutional policies and procedures were breached, including organizational requirements governing access (user names, passwords, PINs, etc.); storage; encryption; transmission; and destruction of information from education records;
Determine whether the incident occurred because of a lack of monitoring and oversight;
Conduct a risk assessment and identify appropriate physical, technological, and administrative measures to prevent similar incidents in the future;
Determine when the breach occurred;
Determine which devices or networks were involved;
Determine if the data encryption key was compromised;
Clarify the scope of the breach and the individuals involved (i.e., did it affect a specific, identifiable group of individuals on the District’s network or was it random?); and determine if the breach also involved additional cyber incidents such as denial of service, scans or malicious code.

The District should utilize a back-up system to ensure continuity of operations.

Notification

The District will notify the New York State Attorney General (AG), the New York State Department Consumer Protection Board (CPB) and the New York State Office of Cyber Security (OCS), as required by law. All affected individuals must be notified of the breach if their compromised data meets the classifications described in law. The District may delay notification of affected individuals if law enforcement determines that notification may impede a criminal investigation.

The required notice shall be directly provided to the affected persons by one of the following methods:

Written notice
Electronic notice, provided that the person to whom notice is required has expressly consented to receiving the notice in electronic form; and a log of each such notification is kept by the District when notifying affected persons in electronic form. However, in no case shall the District require a person to consent to accepting such notice in electronic form as a condition of establishing any business relationship or engaging in any transaction;
Telephone notification, provided that a log of each such notification is kept by the District when notifying affected persons by phone; or
Substitute notice, if the District demonstrates to the State Attorney General that the cost of providing notice would exceed $250,000, or that the affected class of subject persons to be notified exceeds $500,000, or that the District does not have sufficient contact information. Substitute notice shall consist of all of the following:

  • E-mail notice when the District has an e-mail address for the subject persons;
  • Conspicuous posting of the notice on the District’s website page, if the District maintains one; and
  • Notification to major local and/or statewide media.

Regardless of the method of which notice is provided, a notification must include:

Contact information for the District official handling the notification;
A description of the categories of information that were, or are reasonably believed to have been, acquired without authorization; and
Details on which elements of personal and private information were, or are reasonably believed to have been, so acquired.

The New York State Office of Cyber Security will be informed as to the timing, content and distribution of the notices and the approximate number of affected persons. The Attorney General and the Division of Consumer Protection should also be informed of these notices to affected persons. Refer to Form #3145-F — New York State Security Breach Reporting Form for contact information, addresses and notification guidelines.

Information Security Breach and Notification Act (State Technology Law Section 208)

First Reading August 14, 2017
Adopted November 20, 2017

Back to the top

New York State Security Breach Reporting Form

Back to the top

3150 PROTECTING PERSONAL, PRIVATE AND SENSITIVE INFORMATION WHEN DISPOSING OF OR REUSING ELECTRONIC EQUIPMENT (PPSI)

The Board of Education recognizes that the District maintains electronic data essential to the operation of the schools.  All members of the School District have a responsibility to protect the School District’s data from unauthorized generation, access, modification, disclosure, transmission or destruction.  In addition, the Board of Education recognizes the need to keep Personal, Private and Sensitive Information (“PPSI”) data secure.  Prior to reusing or disposing of electronic equipment containing PPSI data, all PPSI data will be removed by the Technology Department.

This policy governs the privacy, security, and integrity of school district data, especially confidential data, and the responsibilities of institutional units and individuals for such data.  It also provides the various definitions of data classifications.  The implementation of controls and other related operations for the disposal of electronic equipment that may contain personal, private and sensitive information data is provided in the corresponding regulation.  The policy and regulation provided herein apply to all faculty, staff, students, visitors and contractors.

Data Classifications

Data owned, used, created, or maintained by the school district is classified into the following four general categories:

  • Confidential Data
  • Protected Staff Data
  • Protected Student Data
  • Public Data

Data are generally stored in collections (i.e., databases, files, tables, etc.) Often these collections do not segregate the more sensitive data elements of a collection from the less sensitive data. Therefore, in determining the classification category, the most sensitive data element in the collection will be used to classify the entire collection.

Confidential

Confidential data are considered the most sensitive and require the highest level of protection. Confidential data includes data that the School District must keep private under federal, local, and state laws, contractual arrangements, or based on its proprietary worth. Confidential data may be disclosed to individuals on a strict need-to-know basis only.  Personal, Private, or Sensitive Information (PPSI) is to be considered confidential.

Protected Staff Data

Protected Staff Data is information that must be guarded due to proprietary, ethical, or privacy considerations, and must be protected from unauthorized access, modification, transmission, storage or other use.  This classification applies even though there may not be a civil statute requiring this protection.  Protected Staff Data is information that is restricted to staff and faculty members of the School District who have a legitimate purpose for accessing such data.  Students are not permitted to access this data.

Protected Student Data

Protected Student Data is information that must be guarded due to proprietary, ethical, or privacy considerations, and must be protected from unauthorized access, modification, transmission, storage or other use.  This classification applies even though there may not be a civil statute requiring this protection.  Protected Student Data is information that is restricted to students, staff and faculty members of the School District who have a legitimate purpose for accessing such data.

Public Data:

Public data is information that may or must be open to the general public.  It is defined as information with no existing local, national or international legal restrictions on access or usage. Public data, while subject to School District disclosure rules, is available to the general public.

Back to the top

Data Classification Roles and Responsibilities

Data Owner

A data owner is the individual(s) assigned by the Superintendent or designee to oversee the proper handling of administrative, academic, or research data.  The owner is responsible for ensuring that appropriate steps are taken to protect data and to implement policies, guidelines, and memorandums of understanding that define the appropriate use of the data.  Typically, the owner of a collection of information is the person responsible for the business results of that system or the business use of the information (e.g. Asst. Superintendents, Human Resources, Director of Transportation). Where appropriate, ownership may be shared by administrators of different departments.  The data owner is responsible for and authorized to:

·         Approve who may access data resources and formally assign custody of an information resources asset (e.g. what permissions or types of data a user may access.)

·         Specify appropriate controls (e.g. access, security, proper handling) based on data classification, to protect the information resources from unauthorized modification, deletion, or disclosure. The owner will convey those requirements as necessary for implementation of controls and will educate those who may have access to the data.

·         Confirm that the applicable controls specified are in place to ensure appropriate levels of confidentiality, integrity and availability of the data.

·         Ensure that users, data systems, and relating operations comply with applicable controls.

·         Assign custody of information resources assets (e.g. computerized systems, electronic files) and provide appropriate authority to those who implement security controls and procedures.

·         Ensure access rights to the data are re-evaluated or modified when a user’s access requirements change (e.g. job assignment change, departure).

Data Security Administrator (DSA)

The Technology Department is charged with implementing the controls specified by the owner. The DSA is responsible for the processing, storage and recovery of information. The DSA will:

  • Implement the controls specified by the owner(s)
  • Provide physical and procedural safeguards for the information resources
  • Assist owners in evaluating the overall effectiveness of controls and monitoring
  • Implement the monitoring techniques and procedures for detecting, reporting, and  investigating incidents

Data User

The user is any person who has been authorized by the owner of the information to read, enter, or update that information. The user has the responsibility to (1) use the resource only for the purpose specified by the owner, (2) comply with controls established by the owner, and (3) prevent disclosure of confidential or sensitive information. The user is the single most effective control for providing adequate security.

NIST Special Publication 800-60 Volume I Revision 1

New York State Division of Homeland Security and Emergency Services. Office of Cyber Security. https://www.dhses.ny.gov/

IMS Data Classification Regulations to implement controls on the data.

Based on NYS Office of Cyber Security Publication PS08-001 v1.1.

First Reading: August 14, 2017
Adopted November 20, 2017

Back to the top

3150-R PROTECTING PERSONAL, PRIVATE AND SENSITIVE INFORMATION WHEN DISPOSING OF OR REUSING ELECTRONIC EQUIPMENT (PPSI) REGULATION

In order to safeguard critical District data, the disposal process must be followed whenever a copy machine is returned to the vendor of origin or electronic equipment (computers and related equipment) is disposed of.  Recognizing the frequent change in technology capacity, said procedures shall be modified accordingly.

COPY MACHINE DISPOSAL

·         When procuring (leasing) a new copier or multi-function device, a line on the purchase order for the new unit must include the district’s purchase of the hard drive for the unit if/when device is returned to the vendor.

·         The District purchasing agent will input a Helpdesk ticket informing the Technology Department that a copier is being returned to the vendor of origin and to expect its hard drive.

·         The Technology Department will forward the Helpdesk ticket number to the department/principal’s secretary.

·         The hard drive will be left with the department/principal’s secretary by the copy vendor technician.

·         The department/principal’s secretary will open a Helpdesk ticket informing Technology Department that the hard drive referenced in ticket #XYZ (the ticket number opened by the purchasing agent) is ready for transport to Technology Department by the District Courier.

·         The District courier transports hard drive to Technology Department.

·         Upon receipt, the Technology Department will format for re-use, store or destroy the hard drive as applicable.

·         Technology Department will then close both Helpdesk tickets.

DISTRICT OWNED DISPOSAL – Other than copiers

·         In conjunction with the Technology Department, a determination is made as to the existence of a hard drive or other storage device that may contain data in the electronic equipment.

·         When a hard drive or other device has been identified, the purchaser will input a Helpdesk ticket requesting the removal of all data from the hard drive.

·         The Technology Department will either make an on-site service call or have the device sent to the Technology Department repair shop.

·         Upon completion of the hard drive or other device data sanitation task, Technology Department will inform the purchaser that the device has been cleared for disposal by indicating such in the Helpdesk ticket.

·         No electronic equipment containing a hard drive or other storage device is to be disposed of until the Technology Department has verified that all PPSI data has been removed from the electronic equipment for disposal.

DISTRICT BOCES/NERIC DISPOSAL – Other than servers

Information Services (Technology Department) Preparation:

·         Verify equipment that is to be replaced, as determined by the annual Technology Open Picture process and obsolescence model.

·         Record information in the inventory database for each applicable item, as needed (e.g.  Action:  Return).

·         Communicate (a few months prior) with BOCES our intent to return obsolete equipment.

·         Prepare hardware checklists or inventory spreadsheets for BOCES listing items to be returned.

·         Identify and document the general condition of equipment (e.g. fair, not operational).

·         Pull labels and any location/identity tags from equipment.   Do not remove BOCES tags.

·         Reimage or wipe data from computers that were assigned to main office clerical, District Office staff, administrators, and any others that may possibly contain PPSI data.

·         Document hardware checklist or spreadsheet to show data removal action taken on each computer.

·         For equipment not in use, the Technology Department may inventory and store in a separate location in anticipation of return.

Back to the top

Coordinate with BOCES:

·         Send equipment detail (e.g. spreadsheet, list) to BOCES so they may obtain disposition instructions/approvals from their Business Office. (confer with them on lead time needed).

·         Receive confirmation that the return of equipment to BOCES has been approved.

·         Coordinate dates/times/location for equipment pick-up.

Return Equipment:

·         The Technology Department does physical inventory of “Return to BOCES” equipment and separates it from other equipment.

·         BOCES representative arrives for the equipment removal and meets with designated Technology Department staff.

·         The hardware checklist or inventory spreadsheet is verified against equipment pulled for return.

·         BOCES representative signs/dates hardware checklist or inventory spreadsheet upon taking equipment.

Paperwork Follow-up:

·         Keep electronic copies of paperwork documenting equipment returns.

·         Keep paper copy of the entire signed hardware checklist or spreadsheet, certificates of destruction, or related paperwork received from BOCES or vendor.

·         File with Technology Department TOP documents.

·         Delete items returned to BOCES from the Technology Department inventory database.

SERVER DISPOSAL – All servers

Procedure

·         Verify that the services provided by the server are no longer in use or needed.

·         Return all hardware settings to default.

·         Remove any/all references to Scotia-Glenville from the server.

·         Logical references such as the LCD screen name of the server (e.g. ‘SG E-Mail Server’).

·         Physical references such as the Scotia-Glenville inventory tracking labels.

·         Boot the server with a bootable device or to the server hardware controls, whichever is more appropriate or convenient.

·         Perform a disk wipe on the drives/array.

·         Reboot the server and verify it doesn’t boot to an Operating System.

·         Run a vendor recommended hardware diagnostic on the server to make sure things are in good shape upon return to BOCES\NERIC or otherwise let them know what may be wrong with the equipment.

·         Coordinate a pick-up date with BOCES\NERIC.

·         Follow our Technology Department disposition process to return the server to BOCES\NERIC.   Be sure to double check the list of things going back with the BOCES\NERIC person and have that person sign-off a return sheet (with copy to them; original to Technology Department).

REUSE/RELOCATION – All

Review Requests/Projected Moves:

·         As determined by Technology Opening Picture (TOP) process (e.g. user requests; obsolescence).

·         Per helpdesk request from Principal/Administrator (e.g. staff/program relocation; IEP/SpEd).

Back to the top

Preparation:

·         Assess cable/power needs, if applicable.

·         Prepare or coordinate cabling/power/port activations.

·         Coordinate installation time (e.g. class in session; school breaks; summer).

·         Discuss issues with supervisor, as needed (e.g.  added costs, difficult install, priorities).

Inventory:

·         Verify specific equipment to be moved.

·         Complete Technology Department inventory sheet.

·         Prepare new equipment label, as needed (e.g. new Workstation ID, printer ID).

Equipment Set-up:

·         Reimage computer workstation/laptop with the appropriate software image.  Always provide the computer with a new image.  This also ensures that PPSI is removed.

(Note:  Can complete in the Technology Department before the move or on-site after placed in its new location.).

o      Deliver equipment or coordinate with custodians for relocation of equipment

o      Connect in new location.

o      Verify proper operation (e.g. turn on; login; test print).

Paperwork:

·         Upon completion, give inventory sheet to the Technology Department secretary (or whoever is doing the data entry).

o      to update the Technology Department inventory database.

o      to notify Purchasing Dept. of any location changes, if a Scotia-Glenville asset.

·         Close helpdesk ticket, if applicable.

·         Provide update to supervisor, as applicable (e.g. TOP tracking documents; summer planning).

1 NIST Special Publication 800-60 Volume I Revision 1

2 New York State Division of Homeland Security and Emergency Services. Office of Cyber Security. http://www.dhses.ny.gov/ocs/

3 Technology Department Data Classification Regulations to implement controls on the data.

NOTE:

Refer to Regulation 4355R Internet Content Filtering Safety

Refer to Policy: 5355 Student Use of Computerized Information Resources (Acceptable Use Policy);

First Reading: August 14, 2017
Adopted November 20, 2017

Back to the top

3160  EVALUATION OF SUPERINTENDENT

A performance evaluation of the Superintendent of Schools shall be made annually. Such evaluation shall be based on mutually determined accountability factors as they are related to the perceived needs of the District. Such accountability factors, with comments supporting appraisal, shall be a part of evaluation of the Superintendent. The effectiveness of the Superintendent shall be based on an analysis of the factors affecting performance. The Superintendent shall have an opportunity to respond to the appraisal before it becomes a permanent entry in his/her personnel folder.

Appendix B – Superintendent’s Evaluation Form

Adopted September 22, 1975
Revised December 14, 1987
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

3230  ORGANIZATION CHART

An organization chart for the district shall be prepared by the Superintendent of Schools and approved by the Board of Education to delineate clear lines of responsibility and the established relationships of all employees within the district organization. The organization chart will be updated by the Superintendent periodically.

Appendix C – Organization Chart

Adopted December 14, 1987
Revised December 7, 1998
Reviewed November 4, 2013
Revision first reading November 25, 2013
Adopted December 9, 2013

3310  SCHOOL DISTRICT REGULATIONS

The Superintendent may promulgate School District Regulations that provide specific requirements and procedures to be followed to implement the requirements of the law and the Board policies. Federal, State and local laws and regulations as well as Board policies take precedence over school   district regulations.

School district regulations shall be submitted to the Board of Education for  Board review and discussion.

The Superintendent shall provide an annual update of the regulations that have been approved for consistency with the law and Board policies.

All school District regulations shall identify themselves as such.

Adopted January 8, 2007

Back to the top

3350  ADMINISTRATIVE PROCEDURES

School district administrators may create Administrative Procedures that provide for specific guidelines and procedures to be flowed with a building department or other administrative unit to implement the requirements of the law, board policies and school district regulations.

The Superintendent shall be responsible for final approval of any Administrative procedures in the district.

Administrative procedures that are primarily intended for communication with students or the public shall be submitted to the Board of Education for review and discussion.

Federal, State and local laws and regulations, Board policies and school district regulations take precedence over administrative procedures. The Superintendent shall provide for the review of Administrative procedures to ensure that they are  consistent with the law, Board policies and school district regulations.

Adopted January 8, 2007

Back to the top

3400  ADMINISTRATIVE REPORTS

The Superintendent of Schools shall arrange to have periodic reports presented to the Board at a regular or special meeting.  The reports shall  include but not be limited to: curriculum, school lunch, treasurers, special education, comprehensive assessment report (CAR), testing, investments.

In addition, special reports from the Superintendent on special issues, or to monitor the effectiveness with which the school system is being administered, may be requested by the Board.

Adopted December 14, 1987

Back to the top