
Upload: doanque

Post on 06-Mar-2018


Privacy Impact Assessment for [MS Office 365 in the Classroom]

PIA# <assigned by your privacy office(r)>

Name of District: <Name> Board of Education – SD <##>
PIA Drafter: <Name, Title of School District Contact>
Email: <Email of School District Contact> Phone: <Number of SD Contact>
Program Manager: <Name, Title of initiative contact, if different from PIA Drafter>
Email: <Alternate to the above> Phone: <Alternate to the above>

NOTE TO DISTRICTS:

<The RED text in this document should be removed from the final version of your District’s PIA.>

We understand your District has chosen to make use of Office 365 Cloud in your Classrooms. Conducting this Privacy Impact Assessment will help your District ensure compliance with the Freedom of Information and Protection of Privacy Act when introducing new programs or initiatives that involve the collection, use and disclosure of personal information. Note: Appendix D, Checklist and Confirmation List for Office 365.

In an attempt to assist you in the deployment of this program, this Privacy Impact Assessment (PIA) has been partially completed for you. Please review and edit this document carefully to ensure it accurately reflects the intent and scope of your initiative. We have done our best to indicate where information from your district is required. Sections where the text is placed between a left chevron symbol i.e. < and a right chevron symbol i.e.> are to be completed by the district. Do not remove any parts of the PIA. Where a section does not apply, enter “Not Applicable.”

This privacy impact assessment (PIA) covers the provision of Microsoft Office 365 cloud-based services for students across BC as detailed below. Email and on-line services for School District faculty and administrative staff are out of scope of this PIA as stated in 2. Scope of PIA.

Please note that this PIA is intended for Districts that have not migrated their data to the Canadian servers and are currently storing student email accounts in the United States of America.

If your District chooses to implement Office 365 for faculty and staff, a separate PIA is needed.

Please note: the comments and opinions expressed in this document are to help illustrate the content needed to complete a School/District PIA. This information does not constitute ERAC or OIPC approval of the initiative being consulted on or fetter the Commissioner’s discretion should the initiative later be the subject of a complaint or investigation. It remains the responsibility of public bodies to ensure that they comply with their duties and obligations under applicable law.


Part 1 – General

1. Description of the Initiative

This Privacy Impact Assessment (PIA) is to facilitate BC School Districts in the provision of Microsoft Office 365 cloud-based services for students across BC and to ensure that these services are offered in a way that is compliant with the Freedom of Information and Protection of Privacy Act (FOIPP Act). Email and on-line services for School District faculty and administrative staff are out of scope of this PIA.

Based on this PIA, a checklist has been created that will serve as a means for School Districts to determine if their use of an Office 365 solution meets the requirements set out in the FOIPP Act. If a School District meets all of the criteria set out in the checklist, this PIA and the accompanying checklist, as provided in Appendix D, will serve as the School Districts’ PIA as required under s.69(5.3) of the FOIPP Act. Each School District is responsible to ensure that it has appropriate authority under the FOIPP Act to collect, use, and disclose any personal information as a part of its involvement with this initiative.

Use of Office 365 for Education Service by BC students:

School Districts would like to offer their K-12 students access to the Microsoft suite of services included as a part of the Office 365 for Education application. Office 365 (http://bcerac.ca/agreements/microsoft-pml.aspx) offers a number of elements for communications and collaborations, most notably email, calendars, instant messaging, document viewing and editing in a web browser, and collaborative workspaces, and offers them free of charge for students.

Microsoft will offer their services to those who are confirmed as students of BC by the School Districts. Participating students will have signed informed consent forms acknowledging that their personal information will be disclosed, stored and accessed outside of Canada. The School Districts will facilitate the consent-gathering by sending home with every student a letter of intent (Appendix A) along with a consent form (Appendix B).

It is the responsibility of each School District to ensure that their consent forms meet the criteria set out in the Freedom of Information and Protection of Privacy Regulation section 11 (Appendix C).

Each School District will send to Microsoft a list of students who have signed/have had their parents sign consent forms (as applicable, pursuant to s. 3 of the FOIPP Regulation) along with their respective School District so that Microsoft can provision the student with the email address and add them to the appropriate school network within the Office 365 collaborative environment. The School Districts will in turn scan, and digitally store all consent forms on their local file storage areas. A sample consent form is attached to this PIA as Appendix B. Once Microsoft has received confirmation that an individual is a student in BC, they will activate an email address for that student, which will also provide the student access to the other Office 365 services listed in Section II, Part 2.

The use of the Office 365 service is not an educational requirement for students. Students will not be obliged to use the email, and all school activities that rely on the use of student email must allow for and accept alternate email addresses or an equivalent means of student participation. At no time can a student be denied participation in a school-sponsored event or activity because they have not registered for an Office 365 email address.

School District’s Policy on the Use of Office 365 (“Use Policy”):

Students’ Office 365 email addresses are intended to aid in the educational process and facilitate the instruction of digital, and online-based skills in order to better equip them for the working world. The School Districts will individually create and/or implement a Policy on the Use of Office 365 (“Use Policy”) in order to set out the School District’s expectation of how the Office 365 account will be used. The Use Policy will address awareness of the potential impacts of sharing digital information online and the importance of protecting personal information, as these are key components of digital literacy.

The Use Policy will set out the specific educational uses for which the email accounts are expected to be used, along with the rules as to what will constitute “appropriate use” of these accounts. The Use Policy must also set out, in very clear terms, to what degree and in what circumstances, their Office 365 account information will be monitored and/or viewed by administrators (e.g. only in resolving technical issues, or when inappropriate use is suspected, etc.). This policy must be very explicit and clear in terms of what expectations of privacy the students will have. The Use Policy should state that the expected use of the email addresses will be for school-based activities (i.e. emailing only other students, school faculty, or school administrators, and all other emailing activities must fall within the scope of the ‘appropriate use’ section of the Use Policy). In this way, the only individuals whose information will be in the custody or under the control of the School District as a part of the Office 365 Program will be those for whom a consent form has already been secured.

The Use Policy should also direct faculty and administration as to what constitutes appropriate use of a student’s email address. For example, faculty and administration should be directed to only use email address for educational or school-related purposes. Faculty and administration should be made aware that any information that they send to student email addresses will be stored outside of Canada. For this reason, they should not be sending students any of their own personal information, and emails should be restricted as above.

N.B. Training on the Use Policy should be provided to students, faculty and administrators in order that appropriate use is understood by all users of the Office 365 Program.


School District Custody and Control:

Although the Use Policy developed by the School District sets out the intended use of Office 365 for Education, the risk of inappropriate or unintended use exists, and in such cases the School District may be considered to still have custody and control of that information.

The risks and their mitigating strategies are identified in Part 2, #9.

2. Scope of this PIA

This privacy impact assessment (PIA) covers the provision of Microsoft Office 365 cloud-based services for students across BC as detailed below. Email and on-line services for School District faculty and administrative staff are out of scope of this PIA.

High level services offered by Microsoft Office 365 and the accepted uses within the scope of this PIA:

Service: Email. Cloud-based Microsoft Exchange student email accounts and calendars, on School District specific domains, with 25 GB of storage per user.

Accepted Use: Student mailboxes and calendar content will reside on Microsoft-owned servers.

Student, or where necessary parental, consent for storage of student email in the cloud will be obtained via a hard copy form signed by students, or (where necessary) parents and returned to the school. The signed form will be scanned and saved on local file storage areas prior to a student’s account being activated. See Appendix B for a sample consent form.

Students will adhere to the terms of the Use Policy implemented by the School District, which defines:
- appropriate use of the email accounts by students
- appropriate use of the students’ email addresses by faculty and administration
- specific purposes for which administrative access to the accounts will be used

Service: Office Web Apps. Create and edit Word, Excel, PowerPoint and OneNote documents using a web browser.

Accepted Use: Students will be enabled to use Microsoft Office products to create and edit files through a Web browser.

Service: SharePoint Team sites. Share files and documents with classmates. Create team, study group or club sites. Up to 300 sub sites.

Accepted Use: SharePoint sites: Use of SharePoint for collaboration with classmates on school-related topics, including setting up team sites. Files will be stored on School District premises.

Service: Skype for Business (formerly Lync 2013 for Business). Instant Messaging, Peer-to-peer VoIP and video, Desktop sharing, audio-video conferencing.

Accepted Use: Instant Messaging (IM) only.

3. Related Privacy Impact Assessments

<Reference any existing PIAs related to this initiative; otherwise, N/A.>

4. Elements of Information or Data

School Districts will be collecting student name, (parent name where applicable) and School District for the purposes of setting up the Office 365 accounts. School Districts, through Microsoft, will be collecting student emails (relating to educational purposes – i.e. only those addressed to faculty and staff, and those to other students for school and not personal purposes), and any records created in the collaborative application suite that are created for educational purposes.

Office 365 distinguishes between three types of data in the service:

• Customer data: Includes Exchange e-mail body and attachment data

• Address book data: Collected when a user account is created

• Usage data

All this data is owned directly by the School Districts, whose administrative resources have full control over the data in Office 365. Administrative access to the student mailbox content by School District staff and/or teachers will only be used for the purposes set out in the Use Policy, and will not fall outside of the following reasons for search:

• Technical maintenance
• In order to meet legal requirements to produce records
• Prevent misconduct/ensure compliance with the law (e.g. the School Act)

Use of or access to student data by Microsoft support resources is tightly controlled, based upon the data type and specific support situations. A detailed explanation of the various instances in which a Microsoft employee would access student data is provided as Appendix E.


If personal information is involved in your initiative, please continue to the next page to complete your PIA.

If no personal information is involved, please submit Parts 1, 6, and 7 to your privacy office(r). They will guide you through the completion of your PIA.

Part 2 – Protection of Personal Information

5. Storage or Access outside Canada?

Yes - Student emails and/or files will be stored on servers outside of Canada. This impact will be managed through information and consent forms. Students and their parents will be made aware of the fact that those using (and consenting to the use of) Office 365 will have their personal information disclosed to, stored in, and accessed from outside of Canada.

6. Data-linking Initiative* - Not applicable for the use of Office 365 in this PIA.

In FOIPPA, "data linking" and “data-linking initiative” are strictly defined. Answer the following questions to determine whether your initiative qualifies as a “data-linking initiative” under the Act. If you answer “yes” to all 3 questions, your initiative may be a data linking initiative and you must comply with specific requirements under the Act related to data-linking initiatives.

1. Personal information from one database is linked or combined with personal information from another database;

no

2. The purpose for the linkage is different from those for which the personal information in each database was originally obtained or compiled;

no

3. The data linking is occurring between either (1) two or more public bodies or (2) one or more public bodies and one or more agencies.

no

If you have answered “yes” to all three questions, please contact your privacy office(r) to discuss the requirements of a data-linking initiative.


7. Common or Integrated Program or Activity* - Not applicable for the Office 365 in this PIA.

In FOIPPA, “common or integrated program or activity” is strictly defined. Answer the following questions to determine whether your initiative qualifies as “a common or integrated program or activity” under the Act. If you answer “yes” to all 3 of these questions, you must comply with requirements under the Act for common or integrated programs and activities.

1. This initiative involves a program or activity that provides a service (or services);

no

2. Those services are provided through: (a) a public body and at least one other public body or agency working collaboratively to provide that service; or (b) one public body working on behalf of one or more other public bodies or agencies;

no

3. The common or integrated program/activity is confirmed by written documentation that meets the requirements set out in the FOIPP regulation.

no

Please check this box if this program involves a common or integrated program or activity based on your answers to the three questions above.

8. Personal Information Flow Diagram and/or Personal Information Flow Table

The following diagram illustrates the flow of information between the School Districts and the Microsoft Office 365 service:

• Each School District enters into an agreement with Microsoft for the provision of Office 365 for Education services for students
• Each School District completes a Privacy Impact Assessment pertaining to their use of the Office 365 service for student use to go forward with this initiative providing their implementation follows all of the provisions in the checklist in Appendix D.
• Students or their parent or guardian, where applicable, provide to the School District their signed informed consent (see Appendix B) for their information to be disclosed and stored outside of Canada. School Districts create and activate the email accounts.


Note: Examples can be removed and additional lines can be added as needed.

Personal Information Flow Table

| Description/Purpose | Type | FOIPPA Authority |
| --- | --- | --- |
| 1. School District enters into agreement with Microsoft | No PI Collection | N/A 26(c) |
| 2. School District collects consent from student or parent | Collection | 26(c) |
| 3. School District creates student accounts | Collection & Use | 26(c) and 32(a) |
| 4. Students store emails and files on Microsoft servers | Use | 32(a) |
| 5. Student emails capture personal information of other students | Collection | 27(1)(a)(i) |


9. Risk Mitigation

Student emails and/or files will be stored on servers outside of Canada. This impact will be managed through information and consent forms. Students and their parents will be made aware of the fact that those using (and consenting to the use of) Office 365 will have their personal information disclosed to, stored in, and accessed from outside of Canada. Further to this impact there is also a risk that students will use their school email addresses for personal reasons, thus potentially exposing third party information outside of Canada. This is an inherent risk to the personal use of public body resources, but is out of scope of the responsibility of the School Districts. There is no additional risk encountered, as students not emailing on the Office 365 system would similarly be exposing the same third parties to their information being stored outside of Canada. Office 365 has the additional benefit of being a School District faculty and administration who communicate with students through the students’ Office 365 email accounts could be at risk of having personal information contained in the students’ emails. This risk will be mitigated through policy. The Use Policy will instruct faculty and administration to only use student emails for educational or school purposes and not to include any personal information in those emails.

Risk Mitigation Table

| Risk | Mitigation Strategy | Likelihood | Impact |
| --- | --- | --- | --- |
| 1. Student emails and/or files stored outside of Canada. | Letter of intent provided to parents; signed consent forms required. | High | Low |
| 2. Students use email address for personal reasons, potentially exposing 3rd party information. | District Use Policy covering intended and acceptable use of the services; training for students | Low | Low |
| 3. SD staff and faculty communicate with students via student email accounts; risk of their personal information contained in student emails. | District Use Policy contains instructions to faculty and staff on appropriate content when using this method of communication with students; training for faculty and staff | Low | High |
| 4. Inappropriate exposure of personal information could result in a breach | District Use policy; training; incident management process | Low | High |
| 5. Vendor could change terms of use of the service | School District reviews terms of use annually | Low | High |


10. Collection Notice

Collection notice is included on the consent form.

“Personal information will be collected by the School District for the above noted purposes under the authority of s.26(c) of the Freedom of Information and Protection of Privacy Act (FOIPPA). Personal information may also be collected by students who are sharing information about other students (such as videos containing images of other students) for the purposes of collaboration on an educational project under the authority of s.27(1)(a)(i) of FOIPPA. If you have any questions about this collection, please contact <List the title, District’s business address, business phone and person that can speak to this PIA>.”

Please see sample consent form in Appendix B.

Part 3 – Security of Personal Information

11. Description of the physical security measures related to the initiative.

Microsoft

Physical access to the Office 365 and Microsoft Dynamics CRM Online data centers is controlled by a [sic] two-tier authentication, including proxy card access readers (card access badge required) and hand geometry biometric readers.

On a quarterly basis, the Microsoft Security Officer sends reports to the authorized personnel with authority to approve data center access. The reports contain the list of persons who currently have access to the data centers. The authorized personnel audit the list to ensure all persons still require access and have the least privileged access level necessary to perform their job function.

School District

<Describe the additional physical security measures used in the School District to protect the computers and network.>

12. Description of the technical security measures related to this initiative.

Microsoft

All Office 365 and Microsoft Dynamics CRM Online personnel are accountable for their handling of customer data, because access to Office 365 and Microsoft Dynamics CRM Online data is granted in a manner that is traceable to a unique user.


In other words, accountability is enforced through a set of system controls, including the use of unique user names, data access controls, and auditing. Unlike generic user names such as "Guest" or "Administrator," unique user names are used to enforce accountability by identifying user actions to a specific person (referred to as "binding"). Two-factor authentication, such as smart card logins using digital certificates or RSA tokens, is also used to further strengthen this binding.

Microsoft applies strict controls over which personnel roles and personnel will be granted access to customer data. Personnel access to the IT systems that store customer data is strictly controlled via Role-Based Access Control (RBAC) and Lockbox processes (Appendix F). Access control is an automated process that follows the separation of duties principle and the principle of granting least privilege. This process ensures that the engineer requesting access to these IT systems has met the eligibility requirements, such as a background screen, fingerprinting, required security training, and access approvals. In addition, the access levels are reviewed on a periodic basis to ensure that only users who have appropriate business justification have access to the systems.

User access to data is also limited by user role. For example, system administrators are not provided with database administrative access.

District

<Describe the technical security measures used in the School District to protect the computers and network i.e. encryption, passwords etc.>

13. District Security Policies

<School Districts must identify their policies and contact name (Please also add to the checklist in Appendix D). In addition, please note Microsoft’s Online Services Information Security Policy is available by contacting Microsoft’s Chief Information Security Officer.>

14. Access controls and/or ways in which you will limit or restrict unauthorized changes (such as additions or deletions) to personal information.

Administrators in the School Districts have full control over the data in Office 365. This is for the purposes of account setup and deletion. Access to or search of the account content (student emails and files) would only occur for the following purposes:

• Technical maintenance
• In order to meet legal requirements to produce records
• Prevent misconduct/ensure compliance with the law (e.g. the School Act)

No changes to personal information contained in the emails or files will occur except by the students themselves within their own accounts.

See Appendix E for a list of who has access to student data at Microsoft and for what purpose.


15. Description on how you track and who has access to the personal information.

At Microsoft, information security procedures around audits and controls are based upon the ISO 27001 standards, and are documented in the Standard Response Document at http://www.microsoft.com/en-us/download/details.aspx?id=26647.

In the School Districts, administrator access will be limited to specific selected staff and tightly controlled through an approval process. Access to the data will be tracked, and activity will be monitored by review of log files. Access to individual mailboxes by non-owners of the mailboxes will be logged. With this feature, individuals can run a non-owner mailbox access report. See Appendix D

Part 4 – Accuracy/Correction/Retention of Personal Information

16. How is an individual’s information updated or corrected? If information is not updated or corrected (for physical, procedural or other reasons) please explain how it will be annotated? If personal information will be disclosed to others, how will the public body notify them of the update, correction or annotation?

Students will have access to their own personal information and may correct it or update it themselves. Where this is not possible, students will be directed to system administrators.

17. Does this initiative use personal information to make decisions that directly affect an individual(s)?

Yes. Student grades are issued based on personal information that is provided through Office 365.

18. If you answered “yes” to question 17, please explain the efforts that will be made to ensure that the personal information is accurate and complete.

Decisions being made, including grading, are being done in a holistic learning environment by professional teachers. These teachers will understand each student’s learning abilities and can assess the accuracy and completeness of information based on their relationship with students. Teachers will take the same measures and care to ensure that all grading decisions are based on accurate information. Given that students reside in the classroom with teachers, they will be available to clarify where information is incomplete or incongruous with previous efforts.

Further, the School District has identified a contact person within the School District who is responsible for providing access to, ensuring accuracy and completeness of, and making requested corrections to personal information held within the Office 365 program. Where corrections cannot or will not be made, this contact will annotate the records containing the information.


19. If you answered “yes” to question 17, do you have a records retention and/or disposition schedule that will ensure that personal information is kept for at least one year after it is used in making a decision directly affecting an individual?

The School District will retain all information used to make decisions about students for at least one year. The School District will agree and sign off on this term in order to make use of this PIA.

Part 5 – Further Information

20. Does the initiative involve systematic disclosures of personal information? If yes, please explain. - Not applicable if used in the context of this PIA. Proceed to number 22.

<For example: your department has a regular exchange of personal information (both collection and disclosure) with the federal government in order to provide services to your clients.>

Please check this box if the related Information Sharing Agreement (ISA) is attached. If you require assistance completing an ISA, please contact your privacy office(r).

21. Does the program involve access to personally identifiable information for research or statistical purposes? If yes, please explain. - Not applicable if used in the context of this PIA. Proceed to number 22.

<For example: your public body will be disclosing information to PhD students so that they can conduct research.>

Please check this box if the related Research Agreement (RA) is attached. If you require assistance completing an RA please contact your privacy office(r).

22. Will a personal information bank (PIB) result from this initiative? If yes, please list the legislatively required descriptors listed in section 69 (6) of FOIPPA. Under this same section, this information is required to be published in a public directory. - Not applicable if used in the context of this PIA.

Note: A personal information bank means a collection of personal information that is organized or retrievable by the name of an individual or by an identifying number, symbol, or other particular assigned to an individual.

Please ensure Parts 6 and 7 are attached to your submitted PIA.


Part 6 – Privacy Office(r) Comments

This PIA is based on a review of the material provided to the Privacy Office(r) as of the date below. If, in future, any substantive changes are made to the scope of this PIA, the public body will have to complete a PIA Update and submit it to the Privacy Office(r).

Privacy Officer/Privacy Office Representative

Signature Date

Part 7 – Program Area Signatures

Program/Department Manager Signature Date

Contact Responsible for Systems Maintenance and/or Security (Signature not required unless they have been involved in this PIA.)

Signature Date


Head of Public Body, or designate Signature Date

A final copy of this PIA (with all signatures) must be kept on record.

If you have any questions, please contact your public body’s privacy office(r) or call the OCIO’s Privacy and Access Helpline at 250 356-1851.


APPENDIX A – Letter of Intent

Date [Homeroom Teacher Name]

Re: Access to student E-Mail

To: Parents/Guardians [Student First Name] [Student Last Name]

It is an exciting time for teaching and learning in our School District as we pursue our goal of helping all students to develop the skills to become learners, thinkers, innovators, collaborators and contributors. These are the attributes of a School District No. <##> learner that have been determined as being necessary for success in the 21st century.

As we pursue our educational goals, we recognize the importance of creating 21st century learning competencies in an environment that provides tools for students that are relevant to their daily lives. To that end, we are committed to providing all students access to digital technologies that will empower their learning and better prepare students to thrive in an increasingly digital world.

As a result, the School District’s Learning Technology Department has been working with IBM K – 12 to create a digital collaboration system that will connect students, parents and teachers. This system will provide access to educational programming and learning resources anytime, anywhere in a safe and secure web-based environment.

While recognizing the benefits of supporting digital literacy in learning environments, we must also be aware of the potential impacts of sharing digital information online and the necessity to protect our students’ personal information regardless of where it is stored or accessed. On the reverse of this letter you will find a consent form that will allow your student to gain access to this system which includes student e-mail. While this is not an educational requirement for your student, we hope that you will see the value in providing these tools for your son/daughter. If you choose to grant permission, please sign the consent form and return it to the school. Your student’s classroom teacher will then provide further instructions on how to access the new collaboration system. If you have further questions, please do not hesitate to contact me using the information listed below.

Sincerely,

Name,
Director of Instruction K – 12
Email Address:
Phone Number:


Appendix B – Sample Consent Form

<Please put on your District’s letterhead and edit to personalize as needed.>

School District <##> provides students in Grades < X – Y> with a district email account as well as <25> gigabytes of online file storage space for educational communication and work storage purposes. Each student will have their own secure login and password to access their email and files. Personal information will be collected by the School District for the above noted purposes under the authority of s.26(c) of the Freedom of Information and Protection of Privacy Act (FOIPPA). Personal information may also be collected by students who are sharing information about other students (such as videos containing images of other students) for the purposes of collaboration on an educational project under the authority of s.27(1)(a)(i) of FOIPPA. If you have any questions about this collection, please contact <title, business address, business phone number>.

Microsoft hosts the above services for the School District staff, teachers and students and, where applicable, partners also store and potentially access, on servers outside of Canada, a student’s account data (such as name, email address, grade level, and school name) and a student’s usage data (such as student emails and documents, calendar information, and any records created in the collaborative application suite). While stored outside the country, information in your child’s Office 365 account may be subject to the laws of foreign jurisdictions including, in the United States, the USA Patriot Act. Privacy legislation requires that we inform you of this and obtain your consent to this arrangement. To view the list of Microsoft service providers see Appendix E or go to: http://go.microsoft.com/fwlink/?LinkId=213175&clcid=0x409 .

Consent: I understand that my (if student is signing) information or my child’s (if parent is signing) information in the Office 365 Account will be disclosed, stored and accessed from outside of Canada, specifically the United States, for the purposes outlined above. I also understand and agree that my (if student is signing) information or my child’s (if parent is signing) information can be provided to this application by other students for the purposes of group work, collaboration, and similar activities. This consent will be considered valid from the date at which it is signed until one year after the point at which the student named below is no longer a student within the School District. I also hereby acknowledge that I have read and understood the School District’s Policy on the Use of Office 365 (“The Use Policy”).

Name of student or, if applicable, parent or guardian: Signature of student or, if applicable, parent or guardian:

Date Signed (MM/DD/YYYY):

This form must be returned, signed and dated, to the student’s school in order for a District Office 365 account to be activated for the student named below.

Note: Parents cannot consent on behalf of any student that is of capable mind and maturity to consent for themselves. In addition, students for whom consent is not provided will have access to an alternative resource.

Student Details:
Student First Name:
Student Last Name:
Grade:
Student School:


Appendix C – Consent Respecting Personal Information

<For School Districts not using the consent form in Appendix B, their consent form must meet the requirements of the following sections of the FOIPP Regulation.>

11 (1) For the purposes of section 26 (d), 30.1 (a), 32 (b) and 33.1 (1) (b) of the Act, consent must

(a) be in writing, and

(b) be done in a manner that specifies

(i) the personal information for which the individual is providing consent, and

(ii) the date on which the consent is effective and, if applicable, the date on which the consent expires.

(2) In addition to the requirements of subsection (1) of this section, for the purposes of [...]

(d) section 33.1 (1) (b) of the Act, consent must be done in a manner that specifies

(i) to whom the personal information may be disclosed,

(ii) if practicable, the jurisdiction to which the personal information may be disclosed, and

(iii) the purpose of the disclosure of the personal information.

(3) Subject to subsection (4), a consent under section 33.1 (1) (b) of the Act that was given before the date this regulation comes into force, and is still effective on the date this regulation comes into force, continues to be effective in accordance with its terms.

(4) Unless a consent described in subsection (3) complies with the requirements set out in subsections (1) and (2) (d) within one year after the date this regulation comes into force, the consent ceases to be effective on the date that is one year after the date this regulation comes into force.


Appendix D – Checklist and Confirmation List for Office 365

School District

School District’s Office365 Administrator

Email

Go-Live Date:

This checklist is to be completed to determine if a School District meets the criteria set out in this PIA. A School District whose Office 365 implementation does not meet the criteria of this checklist will have to complete their own PIA, in accordance with section 69(5.3) of the Freedom of Information and Protection of Privacy Act.

For the purposes of this Appendix, “Use Policy” has the same meaning as that established in the PIA – the School District’s Use Policy on the Use of Office 365.

Please enter an “X” under the appropriate answer to the following questions:

Yes No

Notification and Consent

A “Collection Notice”, meeting the requirements of section 27(2) of the Freedom of Information and Protection of Privacy Act has been provided to students/parents, either via the consent form or the letter of intent.

A signed consent form has been secured from all parents/students, and the consent form meets the requirements of section 11 of the Freedom of Information and Protection of Privacy Regulation.

Consent will be secured from students where they are capable of exercising this right, and guardians (i.e. parents) will consent for students when they are incapable of exercising this right, pursuant to section 3 of the Freedom of Information and Protection of Privacy Regulation.

Students are not obliged to take part in the Office 365 program, and alternative measures are provided in all instances where an Office 365 interaction is requested of students.

Use

The School District has created a new, or implemented an existing Use Policy for students, which dictates what constitutes (or contradicts) “appropriate use” of the application. The Use Policy also very clearly outlines any monitoring that may take place, or any instances in which an Office 365 account would be suspended or revoked.

The School District will ensure that the Use Policy is widely distributed and that parents, students, faculty and administration are educated on, and understand, the contents of the Use Policy. The Use Policy should be provided with consent forms.


Disclosure

Only the names and School Districts of those students who have signed consent forms (or, where applicable, a parent has signed a consent form) will be disclosed to Microsoft for the purposes of the Office 365 Program.

Access, Accuracy, Correction and Annotation (see section VI of this PIA)

The School District has identified a contact person within the School District who is responsible for providing access to, ensuring accuracy and completeness of, and making requested corrections to personal information held within the Office 365 program. Where corrections cannot or will not be made, this contact will annotate the records containing the information.

School District Contact: _________________________________

Security (see section VII of this PIA)

The School District has identified a contact person within the School District who is responsible for maintaining the security of the personal information held in the Office 365 system.

School District contact: __________________________________

Audit Logging (New Recommendation)

Audit logging of non-owner access to accounts is enabled.

Monitoring

Student email accounts will only be searched, seized, monitored, suspended, or revoked in accordance with the Use Policy established by the School District.

Content of student accounts will only be searched for one of the following reasons:

• technical maintenance
• in order to meet legal requirements to produce records
• prevent misconduct/ensure compliance with the law (e.g. the School Act)

Records Management

A records retention and disposition schedule has been created by the District. All records used to make a decision about an individual must be kept for at least one year as noted in Section 31 of FIPPA. The records disposition schedule, although not a PIA requirement, falls under the responsibility of the Chief Records Officer, Ministry of Finance, who is required to follow the new legislation for Records Management as of May 10, 2016.

Privacy Management Program (New Recommendation)

I acknowledge the Ministry of Education’s recommendation that a privacy management program be implemented within my school district, and further acknowledge that I am aware of the resources that are available to me to support this recommendation. Namely, the OIPC’s Accountable Privacy Management in BC’s Public Sector and the Ministry of Finance’s Privacy Management and Accountability Policy.

Scope

I understand the information and analysis in this PIA is limited to the interaction between Office 365 and the requirements set out in the FOIPPA. It is the responsibility of our School District to review Microsoft’s Terms of Use/General Services Agreement. We have reviewed and complied with all obligations created by other legislation and policy, including but not limited to legal review of, and approvals for indemnities created by, Microsoft’s Terms of Use/General Services Agreement.


I understand that as the School District’s service provider, Microsoft is considered a public body employee under the Freedom of Information and Protection of Privacy Act, and strictly within the scope of offering this service to the School District is thus bound by the same restrictions and requirements.

If you have answered ‘No’ to any of the above questions, a separate PIA will need to be completed before your Office 365 Program can be launched.

Checklist Completed By: Signature

Name of School District’s PIA signor: Signature: Date


Appendix E – Use or Access to Student Data by Microsoft Support and other Resources

Operations Response Team (limited to key personnel only)
• Usage Data: Yes.
• Address Book Data: Yes, as needed.
• Customer Data (excluding Core Customer Data*): Yes, as needed.
• Core Customer Data: Yes, by exception.

Support Organization (includes subcontractors [1])
• Usage Data: Yes, only as required in response to Support Inquiry.
• Address Book Data: Yes, only as required in response to Support Inquiry.
• Customer Data (excluding Core Customer Data*): Yes, only as required in response to Support Inquiry.
• Core Customer Data: No.

Engineering
• Usage Data: Yes.
• Address Book Data: No Direct Access. May Be Transferred During Troubleshooting.
• Customer Data (excluding Core Customer Data*): No Direct Access. May Be Transferred During Troubleshooting.
• Core Customer Data: No.

Partners (as specified by the Customer)
• Usage Data: With customer permission. See Partner for more information.
• Address Book Data: With customer permission. See Partner for more information.
• Customer Data (excluding Core Customer Data*): With customer permission. See Partner for more information.
• Core Customer Data: With customer permission. See Partner for more information.

Others in Microsoft
• Usage Data: No (Yes for CRM Dynamics Online ONLY).
• Address Book Data: No (Yes for CRM Dynamics Online and Office 365 For Small Business (P1) customers for marketing

[1] Subcontractors hired by Microsoft are subject to the same security and privacy standards as Microsoft employees. The list of subcontractors as of 2015-08-28 on the following pages.


Microsoft and its affiliates operate the Office 365 and Dynamics CRM Online services. We use subcontractors for certain limited functions.

Subcontractor | Location(s) | Function(s) Performed
3MD Technologies Inc. | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Aditi | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Arryve | United States | Operations and Service Maintenance
Arvato Digital Services LLC | Germany | Dynamics Customer and Technical Support
Averro | United States | Physical Infrastructure and Network Operations
Beyondsoft | United States | Troubleshooting and Debugging Incidents; Microsoft Azure Platform Services
Binary Tree Inc. | United States | Operations and Service Maintenance
Bizdirect | Portugal | Troubleshooting and Debugging Incidents*
Business Builders | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Casaba Security | United States | Troubleshooting and Debugging Incidents
Cascade Business Group LLC | United States | Troubleshooting and Debugging Incidents
Catalysis Corporation | United States | Operations and Service Maintenance
Chameleon Technologies Inc. | United States | Physical Infrastructure and Network Operations
Chinasoft | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Ciber Inc. | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Cognizant Technology Solutions | United States | Troubleshooting and Debugging Incidents
Composable Systems LLC | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
CompuCom Systems Inc. | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Convergys Customer Management Group Inc. | United States | Troubleshooting and Debugging Incidents
Covestic, Inc. | United States | Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Direct Apps Inc. | United States | Operations and Service Maintenance
Europäisches Microsoft Innovations Center GmbH | Germany | Subprocessor Affiliate
Evergreen Group LLC | United States | Physical Infrastructure and Network Operations
Exverse Solutions LLC | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
G Edward Business Solutions | United States | Physical Infrastructure and Network Operations
GEM Service Group | United Kingdom | Troubleshooting and Debugging Incidents; Microsoft Azure Platform Services
GFI | Portugal | Troubleshooting and Debugging Incidents*
H10 Capital | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
HCL Technologies Ltd | United States | Physical Infrastructure and Network Operations
Idea Entity Corporation | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Infosys Technologies Ltd | United States | Physical Infrastructure and Network Operations
Insight Global | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
ITech US Inc | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Language Line Services Inc. | United States | Operations and Service Maintenance
LG Consulting Services | United States | Operations and Service Maintenance
Lincoln Bay Company | United States | Operations and Service Maintenance
Longtop International LLC | United States | Operations and Service Maintenance
McKinstry Co | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
MetraTech Corporation | United States | Troubleshooting and Debugging Incidents
Microsoft Canada Development Centre Co. | Canada | Subprocessor Affiliate
Microsoft (China) Company Limited | China | Subprocessor Affiliate
Microsoft Datacenter Holdings (HK) Limited | Hong Kong SAR | Subprocessor Affiliate
Microsoft Datacenter Netherlands B.V. | Netherlands | Subprocessor Affiliate
Microsoft Development Center Copenhagen ApS | Denmark | Subprocessor Affiliate
Microsoft Egypt, a Limited Liability Company | Egypt | Subprocessor Affiliate
Microsoft Ireland Operations Limited | Ireland | Subprocessor Affiliate
Microsoft Israel Research and Development (2002) Ltd. | Israel | Subprocessor Affiliate
Microsoft Japan Co., Limited | Japan | Subprocessor Affiliate
Microsoft Licensing, GP | United States | Subprocessor Affiliate
Microsoft Limited | United Kingdom | Subprocessor Affiliate
Microsoft Operations Pte Ltd | Singapore | Subprocessor Affiliate
Microsoft Research & Development France SAS | France | Subprocessor Affiliate
Microsoft Research Lab India Private Limited | India | Subprocessor Affiliate
Mindsource | United States | Operations and Service Maintenance; Physical Infrastructure and Network Operations
Mindtree Consulting PVT LTD | United States; India | Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Murphy & Associates | United States | Operations and Service Maintenance; Physical Infrastructure and Network Operations
National Communication Services Inc (NCS) | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Novabase IIS | Portugal | Troubleshooting and Debugging Incidents*
NBO - Recursos em Tecnologia de Informaçao SA | Portugal | Dynamics Customer and Technical Support
NTT Communications Corporation | Japan | Physical Infrastructure and Network Operations
Prithvi Catalytic Inc | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Ramp Technology Group LLC | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
Redmond Technology Partners | United States | Physical Infrastructure and Network Operations
Resources Global Professionals | United States | Physical Infrastructure and Network Operations
Rinf Temps | Romania | Troubleshooting and Debugging Incidents*
Sapphire Technologies Canada | Canada | Operations and Service Maintenance
Schakra Inc. | United States | Troubleshooting and Debugging Incidents
Siemens | United States | Operations and Service Maintenance
Slalom LLC | United States | Troubleshooting and Debugging Incidents
Society Consulting f/k/a Pentad Solutions | United States | Microsoft Azure Platform Services
Sogeti USA LLC | United States | Troubleshooting and Debugging Incidents
Solutions IQ | United States | Operations and Service Maintenance
Sonata Software Ltd | India | Troubleshooting and Debugging Incidents
Spectrum Consultants India Pvt Ltd | India | Operations and Service Maintenance
SSTIC – TECNOLOGIAS DE INFORMAÇÃO | Portugal | Troubleshooting and Debugging Incidents*
Statera Inc | United States | Operations and Service Maintenance
Tata Consultancy Services | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Tech Mahindra Ltd | India | Operations and Service Maintenance; Troubleshooting and Debugging Incidents
TEKsystems | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Vega Consulting LLC | United States | Operations and Service Maintenance
Velocity Partners | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Volt (VMC Consulting Corporation) | United States | Dynamics Customer and Technical Support
Wicresoft | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations; Microsoft Azure Platform Services
Wimmer Solutions Corporation | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations
Wipro Ltd | India | Dynamics Customer and Technical Support
Xtreme Consulting Group Inc | United States | Operations and Service Maintenance; Troubleshooting and Debugging Incidents; Physical Infrastructure and Network Operations

INFORMATION AND DESCRIPTIONS

* Dynamics CRM Online only

o Operations and Service Maintenance: These subcontractors assist with incident response and troubleshooting problems, such as changes to configurations and settings, server updates, patch maintenance, and security investigations.

o Troubleshooting and Debugging Incidents: These subcontractors assist engineering teams by creating software patches.

o Physical Infrastructure and Network Operations: These subcontractors assist in the course of server troubleshooting, such as maintaining networks and routers.

o Dynamics Customer and Technical Support: These subcontractors assist in providing technical support and access support ticket information only for Dynamics CRM Online.

o Sub processor Affiliate: These Microsoft affiliates are data sub processors.

o Microsoft Azure Platform Services: Office 365 services utilize Microsoft Azure platform services. These subcontractors assist with various aspects of Microsoft Azure platform services.

NOTICE AND DISCLAIMER

This document is subject to change at any time. Last updated on August 28, 2015

Appendix F

Microsoft Lockbox for Office 365

Organizations understandably want to have full control over access to their content stored in cloud services.

When running the Office 365 service globally, we know that security, privacy and compliance are imperatives for customers, and that’s why these remain unwavering priorities for us. We recognize as a cloud service provider that providing customers with visibility into actions taken on their content and control over access to their content in the cloud are essential to earning and maintaining their trust, and so transparency and control are ongoing focus areas for our security investments in Office 365.

In our efforts to maximize data security and privacy for Office 365 customers, we have engineered the service to require nearly zero interaction with customer content by Microsoft employees. Nearly all service operations performed by Microsoft are fully automated and the human involvement is highly controlled and abstracted away from customer content. As a result, only in rare cases—such as when troubleshooting a customer issue with mailbox or document contents—does a Microsoft engineer have any reason to access customer content in Office 365.

Microsoft engineers do not have standing access to any service operation. All access is obtained through a rigorous access control technology called Lockbox. Today, Lockbox enforces access control through multiple levels of approval within Microsoft, providing just-in-time access with limited and time-bound authorization. In addition, all access control activities in the service are logged and audited.

Use of the Customer Lockbox feature ensures that a Microsoft engineer does not get access to the customer’s content without the customer’s explicit approval. When the customer gets the request for access, they can scrutinize the request and either approve or reject it. Until the request is approved, the Microsoft engineer will not be granted access. Customer Lockbox activity will be available to customers via the Office 365 Management Activity logs for easy integration into customer security monitoring and reporting systems.
