Administrative Procedure 185 – Appendix

Workspace Security And Organization

Background

Also known as a “Clean Desk Policy”, the purpose of this Appendix is to establish a culture of privacy, security, organization and trust for all documents and electronic media that will protect all staff, student, parent, and guardian information. An organized workspace produces a positive image for District facilities, reduces and eliminates the threat of a security incident such as the loss or theft of confidential, proprietary or sensitive information, and encourages the efficient organization of individual working environments. Anyone working with personal information is subject to this procedure.

Procedures

  1. Destroy information that is no longer needed. Ensure hard copies of sensitive information are disposed of in a secure way, in accordance with Administrative Procedure 185 – System Records Retention. Do not dispose of any documentation containing personal information in recycle bins. Delete computer files, and empty the Groupwise deleted items folder and recycle bin on your computer.
  2. Secure all information in your workspace. Protect hardcopy materials, electronic media (e.g., memory sticks, CDs, DVDs, external hard drives), smart phones and tablet devices when not in use. Use a screensaver that is password protected when the computer is idle for an extended period of time. Consider scanning paper items and filing them electronically on a secure network drive. Do not keep confidential documents on your desktop.
    At known extended periods away from your desk, such as a lunch break, sensitive working papers are expected to be placed in locked drawers. This includes documents and notes, as well as post-its, businesses cards, and electronic media. If your system is left unattended, make sure to lock it so a password is required to log in. At the end of the working day it’s expected that employees tidy their workstations and secure all office documents and electronic media in a safe environment. The District provides locking desks and filing cabinets for this purpose.
  3. Protect sensitive material like any other valuable by locking/securing it. Make sure that your monitor is not easily visible to others and if necessary, reposition it or use a privacy filter device. After meetings, remember to erase white boards if they contain any type of sensitive data. Treat mass storage devices such as CDROM, DVD or USB drives as sensitive and secure them in a locked drawer. Whenever possible use District network storage.

Adopted:

September 21, 2016

Amended:

 

Reference:

Section 23, 60, 61, 75, 113 School Act

Freedom of Information and Protection of Privacy Act

FOIP Regulation 200/95

Student Record Regulation 225/2006

Information Bulletin 3.2.5 – Access to Information

Information Bulletin 3.2.7 – Student Record Regulation Information