Ogden Preparatory Academy, in compliance with HB 358 and SB 102, has initiated a strict policy and protocol procedure for evaluating all third-party vendors who have access to any student data. Interactive websites and apps collect student data such as location, name, phone numbers, likes and dislikes, routines, and much more. Because of this, Ogden Preparatory Academy wants to protect student data, both submitted by the student and generated by these third-party companies. The most common use of student data is in marketing and research, and for selling to companies for a profit. Because of this, Ogden Preparatory Academy requires all third-party vendors are evaluated by Ogden Preparatory Academy Administration. Assigned administrators evaluate third-party vendors and verify that all student data will be transmitted and stored in a secure way, that it won’t be sold, and that it will be fully deleted upon request.
In order for a third-party vendor to be approved, they must go through the evaluation steps:
- Teachers and Staff will submit the website/app to the IT System Security Manager (ITSSM).
- The ITSSM will evaluate the website/app for compliance.
- The ITSSM will also view all security protocols listed on the website, including login security.
- If the website is secure, then it will be turned over to Administration for approval.
- Administration will go through all websites and determine if they are aligned with curriculum and if similar websites are already being used.
- Once the website/app is approved by Administration, it will be routed back to the ITSSM.
- When the website/app is returned to the ITSSM, one of two things will happen: A. The website will be added to the approved list. B. The website will be turned over to OPA Support for login sync with school servers and then added to the approved list.
- After websites are approved, their metadata will then be uploaded to the Utah Metadata Dictionary.
The list below shows the various stages submitted websites are in in the evaluation process.