Technology Staff
Adam Hollins
Technology Director
ahollins@sau15.net
Quick Links
- Auburn School District 2019-2022 Technology Plan
- Auburn School District Digital Tools Registry
- Technology FAQs
- Phishing Scams: A Guide for Preventing Problems
Student Data Privacy
Protecting student and staff personally identifiable information (PII)
At the Auburn School District, we work continuously to secure our staff and student data. Parents and educators should be aware that the FBI has warned school districts that student data is a very valuable target for cybercriminals. This is because students do not have an established credit record, and their identities are easier to impersonate; but also, because cybercriminals are collecting, selling, and saving data sets for future crimes.
For assistance with data privacy concerns, please contact Chief Information Security Officer, Adam Hollins, at ahollins@sau15.net.
Auburn’s Approach
We take data privacy very seriously, while striving to support educational innovation. Since the passage of HB1612 we have taken the following steps:
- The Technology department strives to maintain best security practices, as it has for many years.
- The Auburn School Board approved a Data Governance Policy in 2019. The plan is annually reviewed and updated as needed by administration and the School Board.
- During the 2019-20 school year, we evaluated each and every online tool that we use in the district to determine if the tool collects student or staff PII; if it does, we ask the vendor to sign a NH Data Privacy Agreement (NH DPA). In short, we do not accept the vendor’s out of the box privacy terms – we ask them to accept ours. Vendors who do not agree are not used in the district.
- In 2023, we worked with Primex (NH Public Risk Management Exchange) to create a Cyber Security Incident Response Plan (IRP) to help guide us in case of an attack that causes downtime and impacts learning for extended amounts of time. This includes annual tabletop meetings with Primex and district administration to test our plan using mock scenarios and make any necessary improvements to our plan. In 2024, we will be building a Continuity of Operations Plan (CooP) to ensure we are prepared to deal with any potential long term technology outages.
- As part of our security initiative all teachers and staff must have 2FA (Two-factor Authentication) enabled on their district accounts. This is a huge step towards protecting both staff and student PII (Personally Identifiable Information) and ensure we are following best practices for account security.
(It is important to note that data security encompasses a wide range of practices on local and cloud-hosted servers, and we do not publish or share details of our security approach, per RSA 91-A:5, XI)
NH State Law
District policies and procedures align to NH RSA 189:66, V. This RSA was amended in 2018 (HB1612) to give the NH Department of Education, NH school districts, and application vendors the responsibility to secure our student and staff PII. We are also responsible to federal laws such as FERPA, COPPA and CIPA.
Schools have a longstanding culture of adopting free online tools because of tight budgets and to help engage students in their learning. Unfortunately, data privacy was often not a consideration when selecting these tools, a concern that the NH Legislature addressed by passing HB1612.