Office Menu:

Policies, Procedures, & Guidelines

Welcome to OIT’s Rules and Guidelines page. For the best experience, we recommend viewing this content on a laptop or desktop.

The School District of Philadelphia provides its employees (“users”) with access to various computing resources. The purpose of this access is to facilitate employees’ work. In that regard, accounts issued to users are for school district use only and may be audited for misuse.

The Office of Information Technology will provide access to computing resources only after proper authorization by appropriate management has been provided. Each user will be issued his/her own account to access computing resources. User accounts may not be shared. Users will be responsible for maintaining and protecting the password on their accounts to prevent possible misuse of their account.

New Account Request

All technology access requests should be made via the  “Technology Access Request” online application located in the master login section.

Account Deletion

User accounts are audited routinely. Users who are no longer employed by the school district will have their accounts automatically deleted (e-mail accounts will be maintained for 30 days prior to deletion to allow supervisor access to the former employee’s School District e-mail).

In addition, supervisors must immediately notify the Office of Information Technology when an authorized user transitions to a position for which access is not authorized.

Like most school districts, The School District of Philadelphia receives offers from individuals and organizations of donations of both new and used technology equipment, such as, computers, monitors, printers, etc. The District has created a policy to provide guidance to both prospective donators and schools.

Though sincerely appreciative of the intent, the District recognizes that inherent in the acceptance of new or used equipment, it becomes the District’s responsibility and expense to ensure the usability and sustainability of said equipment, including performing hardware repairs, purchasing peripherals, (i.e. keyboards, mice, etc.), computer software imaging, and ensuring software licensing, prior to the equipment reaching a school.

Over the last several years, the District has invested significant resources, time, money and energy, into standardizing technology specifications across the District. Acceptance of used, donated equipment substantially dilutes our ability to provide timely and effective service to approved district technology.

Donated Equipment Policies (must be logged in with SDP Google account to open)

Used Equipment

Like most school districts, The School District of Philadelphia receives offers from individuals and organizations of donations of both new and used technology equipment, such as, computers, monitors, printers, etc. The District has created a policy to provide guidance to both prospective donors and schools.

Things to consider when accepting used equipment:

  1. Used equipment has a shorter “life”
  2. Used equipment may not be able to perform some instructional tasks
  3. Only used equipment meeting the specifications outlined below may be accepted for donation
  4. The expense of keeping out-of-warranty equipment functional can exceed the original value of the donation
  5. The accepting school may become liable for the expense of proper disposal of used donations
  6. The District cannot provide setup or ongoing support for donated used equipment
  7. Even when meeting the minimum hardware specs, used equipment may not work on the District’s wireless network
  8. Ensure your building has adequate electrical and data connections to support the size of the donation

The following guidelines apply to the acceptance of donated used computing equipment:

  1. All equipment accepted by SDP should be in good working order. If the equipment is not in good working order, the accepting department or school assumes responsibility for the costs of putting the equipment in good working order, including all software, hardware, and related costs for the equipment.  Many times these costs exceed the value of the donation.
  2. Accept only equipment that meets specifications as defined in the Hardware Standards Compliance section below.  The accepting school or department assumes responsibility for costs of keeping the equipment in good working order.
  3. Work with the donor to provide the following services to ensure that donated equipment is properly supported:
    Ongoing technical support
  4. Removal/disposal of equipment when it becomes inoperable or reaches the end of its lifecycle.
    Spare parts for equipment failure
  5. Maintain an inventory of all donated equipment at the school. Clearly label all devices as donated.  Also include any contact information for the donor that is providing technical support. School-based staff will need to provide support for used equipment donations.
  6. Be certain the donor provides software licenses for any donated software, including the operating system software (see licensing section below).  The District makes every effort to be in compliance with copyright laws.  Without proof of license, many software items must be removed.
  7. If the donor requires a receipt for their donation, provide them with a letter listing the make, model and serial number of donated items. It is the responsibility of the donor, not SDP, to determine the value of donated items.
  8. The IT Helpdesk will answer questions about the advisability of accepting donations.  You can contact them at 215-400-5555 or helpdesk@philasd.org.

Licensing Considerations

WINDOWS: Please ensure that systems comes with a Windows COA (certificate of authenticity) sticker affixed to the computer. If you receive a qualified donation that does not have a Windows COA, you will need to purchase a Windows license (roughly $57).

Additional expected licensing costs of a donated computer:  Approx $50.00 for Microsoft Office License Agreement

Hardware Standards Compliance

All equipment accepted into the SDP environment must meet the minimum standards, found in the below grid.

As of April 2016, these standards are:

Desktop Requirements:

Type Apple PC
Processor Quad-core Intel Core i5 processor

Intel Pentium Core 2 Duo 2.99 Ghz

AMD Phenom 2.6 Ghz

RAM 4 GB 4 GB
Hard Drive 512 GB 256 GB
Wireless A/G/N (5 Ghz) A/G/N (5 Ghz)
OS Originally shipped with 10.8.2 Mountain Lion Windows 7 compatible
Year Late 2012 2012

 

Laptop Requirements:

Type Apple PC
Processor Dual-core Intel Core i5 processor

Intel Pentium Core 2 Duo 2.53 Ghz

AMD Turion X2 Ultra 2.5 Ghz

RAM 4 GB 4 GB
Hard Drive 128 GB 128 GB
Wireless A/G/N (5 Ghz) A/G/N (5 Ghz)
OS Originally shipped with 10.8.2 Mountain Lion Windows 7 compatible
Year Late 2012 2012

Mobile Devices Accepted:

Chromebooks: Please contact the IT Helpdesk before accepting Chromebook donations

Apple: iPad 2 or newer

Also accepted:

  • 19″ or larger LCD monitors
  • Networkable LaserJet printers
  • Any other items, please fill out the google form, provide as many specs as possible and the team will review and determine if the equipment is viable in our environment.

Not accepted:

  • Networking Hardware (Routers, Hubs, Switches, Wireless Access Points)

New Equipment

The School District understands that organizations may wish to purchase or donate new computing equipment on behalf of our schools.  Support from these organizations is welcomed and appreciated and benefits the District.  In order to streamline the process and provide for better accounting of new equipment donated to the District, please refer to the following procedures:

1.  Schools should make every effort to get donors to purchase using agreements with District vendors found on the Technology Price List (philasd.org/techpricelist).  See the process below.  The benefits of donors purchasing from our Price List are:

  • Receiving District pricing which is often discounted
  • Receiving District services including warranties, asset tagging, etching, software, and/or bundled accessories
  • Better support (our technicians are trained and certified to service the equipment on the price list)
  • Accounting/Tracking- equipment purchased on our price list will be included in reporting that goes to the school’s inventory list allowing schools to keep track of donated equipment
  • Quality of equipment- equipment on the price list is vetted for quality, durability and performance within our network

2. If a donor is only able to donate equipment from their own vendors OR if they are a vendor donating equipment, every effort should be made to find items identical to or as similar to items on our price list as possible.  Donors should also include a warranty whenever possible (5 years suggested).  Please see appendix 1 below for the minimum recommended specifications for new equipment donations.  *Use this option with Donors Choose

3.  If the total value of a donation exceeds $20,000, work with your Assistant Superintendent to sponsor an SRC resolution to accept the donation.

Process for donors wishing to purchase from the approved District Price List

1.    Visit Price List

2.    Download Pre-paid Purchase Order Form for the Vendor

  • Apple Prepaid Purchase Order Form
  • Dell Prepaid Purchase Order Form

3.    Follow the directions at the top of the form to successfully complete the purchase

Appendix

Standards Compliance

All new equipment accepted into the SDP environment must meet our minimum standards, found in the below grid.

As of March 2016, these standards for desktops and laptops are:

Processor 1.6 GHz dual-core Intel Core i5
RAM 8 GB
Hard Drive 128 (SSD) or 500 GB SATA Hard Drive or better
OS Mac OSX El Capitan, Windows 10

iPads- iPad Mini 4, iPad Air 2

Chromebooks- Please check Google’s End of Life Policy to ensure the Chromebook will be supported for at least 3 years (https://support.google.com/chrome/a/answer/6220366?hl=en).

  • Minimum recommended RAM: 4GB
  • MUST include a Google Management License (Add to your request when using crowd-funding sites like Donors Choose)

SDP BYOD Opt-in Form: Before submitting this form, please make sure to carefully read all of the information below.

The School District of Philadelphia offers schools a Bring Your Own Device (BYOD) program. This program allows students and staff to use their personal mobile devices to access the Internet through the District’s BYOD Wi-Fi wireless network for teaching and learning activities. The goal of the program is to make it easy for individuals to bring their wireless network devices to school and have access to high speed Internet connectivity. Principals and teachers will determine when use of technology in a classroom is appropriate for teaching and learning activities, and students will now be able to bring their own devices from home, to supplement access to District-owned technology devices.

Rationale:

As cited in the School District of Philadelphia’s Action Plan 3.0, “Transitioning away from seat time, in favor of a structure that creates flexibility, allows students to progress as they demonstrate mastery of academic content, regardless of time, place, or pace of learning. This type of learning – where the content is relevant to each student, and the method and pace are tailored to his or her unique needs – leads to better student engagement and better student outcomes.” –United States Department of Education

Benefits:

Mobile devices are becoming more powerful, common, and essential in our everyday lives. By creating a Wi-Fi network that supports BYOD and specifying standards of use, the School District of Philadelphia (SDP) will be able to increase student connectivity to the Internet. The BYOD program has the potential to:

  • Maximize opportunities for students to integrate personally owned devices into their learning to become both critical consumers and producers of educational content, including:
    • Reading, watching, listening to, and interacting with educational materials
    • Creating content, documents and multimedia presentations
    • Collaborating with teachers, peers and experts in the field
  • Provide access to reliable and safe infrastructures, networks and educational opportunities for classroom instruction that fosters safe and effective use of technologies anytime and anyplace;
  • Allow students increased access to digital tools and content to connect with educators, peers, experts, information and resources beyond the school walls and traditional school day;
  • Provide students real-time feedback, encourage the exchange of information and ideas through the use of assessment and documentation of educational activities making students accountable for their learning;
  • Allow students to receive and submit assignments digitally from any location encouraging continued learning outside traditional classroom walls

Availability:

The School District of Philadelphia began the Bring Your Own Device program on August 21, 2014. BYOD is designed to allow students and staff a way to connect their devices to the Internet and access information using their own devices. Personal mobile devices and their security, maintenance, and responsible usage are still the responsibility of the individual and not the school or District as outlined in the BYOD Standards, Rules & Conditions below.

Wi-Fi Network Access:

A school may allow connectivity to a District-filtered BYOD network. The filtering of certain websites is required by law and ensures that some websites deemed dangerous, lewd, violent, or insecure are inaccessible from any District network. Laptops, tablets, eReaders, smartphones, and other devices that have Wi-Fi (802.11) wireless network capability may work with the District’s BYOD network.

Mobile Devices Supported:

The type of device one can use is limited only by its wireless network capability. Any device that has Wi-Fi 802.11a/g/n/ac (dual band) wireless network capability should be able to connect to the BYOD wireless network using their School District of Philadelphia network account information for username and password. Limited instructions beyond these details are available on how to connect and troubleshoot mobile device wireless settings.

***Individuals are still liable for their conduct and must abide by the standards of use discussed in the BYOD standards below.

Support Options for Devices:

The SDP does not provide technical support for personal mobile devices. No SDP employee is responsible for troubleshooting, repairing, updating, or configuring a personal mobile device. You may not contact the SDP IT HelpDesk for support.

Responsible Usage:

All District policies including SRC Policy 815: Acceptable Use Of Internet, Computers and Network Resources, SRC Policy 237: Use of Electronic Devices, and, the SDP Code of Student Conduct, apply to personal and District-provided devices that connect to the District’s Wi-Fi network and when connecting to a cellular/mobile network provider. The District is not liable for access, CIPA compliance or illegal conduct while connected to a non-SDP network provider, but the policies and consequences of school and District policies still apply.

STANDARDS, RULES & CONDITIONS

The standards, rules and conditions cover the use of privately owned computing or communication devices in school. This practice is also known as “Bring Your Own Device”, or BYOD.  All users of personally owned mobile devices must abide by the applicable SRC policies and Student Code of Conduct which are linked to above. Devices considered “BYOD” candidates include but are not limited to the use of:

  • Laptop or netbook computers
  • Tablet or slate computers or similar devices
  • iPad, iPod Touch or similar devices
  • eReaders such as the Kindle, Nook or similar devices
  • Internet-capable smartphones, such as the iPhone, Android, Blackberry, or similar devices

School personnel is responsible for monitoring and enforcing student compliance with these standards, rules and conditions.

Personal Responsibility/Theft/Loss/Damage/Inspection:

1.    It is the responsibility of the individual student to safeguard his/her mobile device while on school property. It is recommended that the device locator feature be enabled if possible.

2.    Lost/Stolen devices must be reported to the appropriate school staff immediately. The District will not be held responsible for conducting searches for lost or stolen devices.

3.    The District will not be held responsible for lost, stolen or damaged equipment, including data damage or data loss resulting from connecting devices to the school’s wireless network or power outlets.

4.    The District is not responsible for any maintenance, repair, configuration or support to student mobile devices.

5.    The District is not responsible for any costs incurred by students while using their device during or after school hours.

6.    The SDP does not provide nor is responsible for software residing on the BYOD devices. This includes but is not limited to applications and operating systems.

7.    Whenever possible, an antivirus agent must be installed on privately owned devices. It is recommended that the software is updated regularly in order to safeguard the device against viruses and malicious software.

8.    All audible notification alerts on BYOD devices must be set to “silent” during the school day.

Network /Internet Access/Electrical:

1.    BYOD devices, while in school, may only connect to the District’s BYOD Wi-Fi network. If a personal device is connected to the public cellular network or other network outside of the control of the SDP, the SDP is not responsible for maintaining CIPA compliance, and the student will be held to the guidelines of the Code of Student Conduct.

2.    School administration, faculty and staff retain the right to suspend or revoke access to the District’s BYOD Wi-Fi network and confiscate the privately owned device at any time if it is determined that the user is engaged in unauthorized activity, or, is violating the District’s Acceptable Use Policy or Student Code of Conduct.

3.    There should not be an expectation of privacy when using the SDP BYOD Wi-Fi network. The District is not responsible for the privacy or security of any data stored or transmitted by any privately owned devices.

4.    Students should bring devices fully-charged to school. Access to electrical outlets for charging should not be expected.

Approved Times and Locations for BYOD Device Usage:

1.    On school property during school hours for academic activities only.

2.    In classrooms and other instructional spaces with teacher approval as appropriate for the instructional activity.

3.    Use is prohibited in bathrooms, locker rooms, health suites and other changing areas at any time for purposes of video recording, imaging or audio recording.

4.    Use is prohibited in common areas such as hallways, lunchrooms/cafeterias, gymnasiums and auditoriums, unless specifically instructed to do so by a teacher or an administrator.

5.    Use is strictly prohibited during PSSA and Keystone testing periods.

6.    Use to update personal social media sites/accounts during school hours is prohibited.

Background

The School District of Philadelphia Policy No. 216 STUDENT RECORDS defines the legal parameters by which student data can be collected, shared and utilized. In addition, the District must further adhere to Policy No. 815 ACCEPTABLE USE OF INTERNET, COMPUTERS AND NETWORK RESOURCES, and Policy No. 815.1 INTERNET AND MEDIA PRESENCE, that further defines the rights and responsibilities of employees, associates, students and parents, when using technology resources, systems, services and data.

The Purpose of the Document

  1.  To provide clarity between a District-wide sanctioned foundational online system and the growing world of third party websites, applications, services and programs; and
  2. To provide administrative requirements that ensure each employee is compliant with the District’s SRC polices noted above and ensure that student data is secure and private when used within third party online systems.

The District understands that there is a growing list of terms that reference the world of online access. For example, online tools can be referred to as websites, computer applications, downloadable apps, online services and programs. While each term can have a distinct meaning, for the purpose of this document, we will use ‘websites, computer applications, and online services’ to cover everything.

School District Systems

The School District provides access to District-wide sanctioned online systems, which must be used to perform key business or educational functions in all District schools and offices. An example would be the School Computer Network, which is used to collect enrollment data, or the EasyIEP System, which is used to collect Special Education Data on our students. All sanctioned online systems have a formal contract to guarantee the privacy and security of student data. The School District has published an official list of District sanctioned foundational systems at: www.philasd.org/studentdataprivacy

Guidance for selecting third party websites, computer applications, and online services

The District does understand that schools want to utilize the growing world of third party websites, computer applications, and online services as part of classroom instruction. While many of these online services enhance classroom learning, schools MUST be aware of the risks and responsibilities associated with using these tools with your students. The purpose of these administrative requirements is to ensure student data privacy and security when using any third-party website, online service or computer application.

Any system or service not vetted and sanctioned by the administration of the School District must be evaluated at the school level for its adherence to student data privacy and security and relevance to meet instructional goals.

Below represents the key administrative requirements to guide the selection of websites, computer applications and online resources:

1) The School District’s Internet content filtering system blocks thousands of websites containing obscene, inappropriate or harmful material. However, filtering systems do not ensure student data privacy and security. Users who decide to utilize websites must first consider the safety and privacy of student data collected by the web site, online service or computer application.

2) Users considering the use of a web site, online service or computer application must first review and become familiar with the requirements of applicable state and federal Laws, such as FERPA, COPPA and HIPAA.

A. FERPA, The Family Educational Rights and Privacy Act mandates that all student records are to be kept private and information gleaned from such records can only be used by authorized staff to engage in activities to benefit the student. FERPA defines “education record” as essentially, any document maintained by the School District, which includes personally identifiable information about a student, including but not limited to: contact information, grades or evaluations, disciplinary records or health information. The School District must keep education records private. Parents and guardians always have the right to inspect and request changes to education records. Under FERPA the following documents are not considered education records: sole possession (i.e., the teacher’s own) documents; law enforcement unit records; student employee records; and certain health-related records of post-secondary students.

A1. FERPA authorizes the release of certain student information defined as directory information, see below. Everything else regarding a student is, by law, private. School District Policy No. 216 states:

Directory information includes, but is not limited to, the student’s name; address; telephone listing; electronic mail address; photograph; date and place of birth; major field of study; grade level; enrollment status; dates of attendance; participation in officially recognized activities and sports; weight and height of members of athletic teams; degrees, honors and awards received; and the most recent educational agency or institution attended.

A2. When Directory Information can be used:

You may release directory information to create accounts in web sites, online services or computer applications to be used for academic enrichment, practice or remediation. However, educators must ensure all data privacy laws are followed.

Please note that parents can opt-out of the release of directory information. In these situations, the teacher cannot create an account for instructional activities in any web site, online service or computer application. Schools can record the parental opt-out of directory information in the School Computer Network. Schools then must ensure that teachers are aware of students who have opted-out of the release of directory information.

Parents cannot opt-out of the use of sanctioned foundational systems listed on www.philasd.org/privacy.

B. COPPA, The Children’s Online Privacy Protection Act, defines the rules around which websites and service providers may collect information from children under the age of 13. This includes explicit parental consent, how to verify such consent, and what must be included in a website’s privacy policy.

B1. Some websites, online services or computer applications have age restrictions. If students are too young, use of the service would violate the provider’s terms of use, and therefore also violate the School District’s Acceptable Use Policy.

B2. Many websites, online services or computer applications stipulate in their terms of use or license agreement that users under a specific age must have parental consent before using them. The District or individual schools may consent on the behalf of students under 13 years of age for educational purposes only, if the resource satisfies all other data security and privacy requirements.

C. HIPPA, The Health Insurance Portability and Accountability Act, among other purposes, protects the confidentiality and security of healthcare information.

C1. Schools may not enter student health information or records into a non-sanctioned District System.

3) Web sites, online services and computer applications sometimes engage in an activity known as “data mining” – the act of collecting usage and demographic information from users. Schools must never use websites, online services and computer applications that collect personally identifiable information to aggregate for any purpose (i.e. research, sales or advertising).

4) In some cases, service providers will require that all users accept the terms of an End-User License Agreement (“EULA”) in order to use the web site, online service, or computer application. When the service provider requires this, teachers and administrators must carefully review these terms and consider whether or not these EULA terms conflict with applicable laws, including FERPA, or School District policies. When in doubt, educators must consult with administrators. If needed, administrators can consult with the Office of General Counsel before accepting the EULA terms in question, by sending an email to studentdataprivacy@philasd.org.

5) When used by public school districts, some application publishers require the signing of a Memorandum of Understanding (MOU) or service agreement or contract between the publisher and the School District. If a web site, online service, or computer application states that the provider requires a MOU, then teachers and administrators must not use that service or application until an MOU has been executed. The Office of General Counsel (email: studentdataprivacy@philasd.org) can provide necessary information about existing contracts, MOUs or other agreements executed by the School District, and if needed, create an MOU.

6) If a web site, online service or computer application collects achievement or behavioral data that contributes to a student’s permanent academic record, then a Memorandum of Understanding, Service Agreement or contract is required and teachers and administrators must not use that service or application until an MOU has been executed. The Office of General Counsel (email: studentdataprivacy@philasd.org) can provide necessary information about existing contracts, MOUs or other agreements executed by the School District, and if needed, create an MOU.

The School District has provided a rubric to assist educators in the evaluation of websites, online services or computer applications, which compiles all of the needed evaluation criteria to guide educators through the vetting process. The completion of this rubric is mandatory to ensure proper vetting before using websites, online services and computer applications that require an account with students.

The District understands the complexity associated with the evaluation of websites, online services and computer applications. In the interest of providing schools with the ability to be innovative and bring engaging tools into the classroom the above requirements are designed to empower educators and keep student data secure and private. Administrative or disciplinary action will be considered for failure to follow these Requirements.

Appendix

The Future of Privacy Forum (FPF) and The Software & Information Industry Association (SIIA) provide a “Student Data Privacy Pledge” to hold school service providers accountable to student data privacy in the collection, maintenance and use of student personal information. To learn more about the “Student Data Privacy Pledge,” please review the following website: www.studentprivacypledge.org.

The Consortium for School Networking (CoSN) provides “The Protecting Privacy in Connected Learning toolkit” to help educators and families navigate federal student privacy laws, including FERPA, COPPA, HIPPA and other privacy issues, when selecting appropriate educational websites, computer applications, and online services. To learn more about CoSN and their work around protecting privacy, please review the following website: www.cosn.org/focus-areas/leadership-vision/protecting-privacy

The Data Quality Campaign, CoSN and a diverse coalition of national education organizations provide 10 Student Data Principles to help educators and families make decisions when choosing learning solutions. To learn more about the Student Data Principles, please review the following website: www.studentdataprinciples.org

Common Sense Media’s Privacy and Internet Safety Parent Concern page provides answers to parents’ most popular questions relating to their children’s privacy and safety online. To learn more about Common Sense Media and their work privacy, safety and digital citizenship, please review the following website: www.commonsensemedia.org

Policy Statement

The policy of the School District of Philadelphia is to grant security access to the Advantage Financial and Payroll/HR systems only as it applies to specific job functionality.

Policy Explanation

The purpose of security measures for the Advantage Finance, Payroll/HR systems is to safeguard and protect the stored data from destruction and unauthorized access or modifications.

Access to the Advantage Systems provides several levels of security to ensure that sensitive financial and employee information is restricted to authorized users only. Within the systems, security is assigned to users through security profiles. This allows flexibility and control in granting user access throughout the Finance and Payroll/HR systems. Each user will be assigned a mainframe ID and password that will identify their security profile and allow them to process at various levels (e.g., database, screen, record, or fields on a record, and inquiry and update actions) within their assigned system applications.

The Systems Administration Unit (SAU) of the School District of Philadelphia is responsible for administering the security of Advantage Finance and HR/Payroll.

Advantage Finance and Advantage HR/Payroll systems of the School District of Philadelphia are utilized for the following purposes:

  1. The Finance system is used to enter and access financial data which includes purchasing, vendor payments and budget data.
  2. The HR/Payroll system is used to enter and access employee time and attendance, employee personnel and payroll related data.

Advantage Adding Security Access

  1. A mainframe ID is needed in order to gain access to the Advantage System(s). Requesting an initial or additional mainframe ID is done through the Technology Access Request application through the Master Login. To access the application, log onto the Master Login with your email user ID and e-mail password, through the School District’s website.
  2. Once a mainframe ID is assigned by IT, the next step is to request access to Advantage Finance and/or Advantage Payroll for a particular location(s). Requesting access to Advantage is done through the Technology Access request application through the Master Login.
  3. Upon receipt of the request, System Administration Unit will review, approve and assign the user to an appropriate security group or will decline.
  4. The Systems Administration Unit will inform the user via email that they have been added to the system(s) or the reason for the decline for access.

Advantage Changing Security Access

  1. The user will request a change in user security via the Technology Access Request Application through the Master Login indicating the reason for the change in user security
  2. Upon receipt of the request, The Systems Administration Unit will review and assign the user to the changed security group.
  3. The Systems Administration Unit will inform the user via email that the requested change has been made.

Advantage Deleting Security Access

By Request

  1. a) Principal/Administrator will request user deletion via the Technology Access Request Application through Master Login.
  2. Upon receipt of the request, the Systems Administration Unit will review and delete the user from access to the system(s)
  3. The Systems Administration Unit will inform the Principal/Administrator via email that the requested deletion has been made.

By System Assurance

Bi-weekly system reports identify employees/users that have transferred to another department or have been terminated. The Systems Administration Unit will immediately delete those users listed on the report. Users who will need access to the Advantage System in a new department will need to fill out a new Security Request Form (refer to Policy Procedure Item I: Adding Security Access).

The Office of Information Systems has implemented a new Content Management System (WordPress) to develop and house all School and Office related websites.  This environment is the official web site development / management platform for the School District of Philadelphia. The WordPress databases will only house content information directly related to the configuration of its own web site definitions.  The District’s WordPress environment will be hosted internally.

The Use of other content management systems or procuring external websites outside of this environment is prohibited.

This information contains procedures and related information to:

  • Requesting a web site
  • Identifying staff that will create / maintain your site
  • Creating and managing your website
  • Identifying required content that is to be included on all sites
  • Design and functionality considerations when creating a website
  • Review and Implementation procedures to follow before a site is launched

Requesting a Website and Publisher Duties

Requesting a School/Office/Special Project Website

Each school entity or business office may request the creation of a website for their organization.  It is encouraged that each school and office have a website that provides relevant information about their function, the services they provide and contact information for both internal and external audiences.

Sites may be requested for special projects or initiatives but must first be approved by the Offices of Communications and Information Technology.  If approved, the Requestor will then be contacted by a member of the IT staff to discuss your needs and will assist you in all aspects until the site is launched.

Web Publishers

When creating a website, the owning school/office will need to identify a ‘Web Publisher’.  This person will be the point of contact and may possibly be the person trained to actually create the site.  It is also required to identify a secondary Web Publisher as a backup. It is preferred that Web Publishers be SDP employees. If a Web Publisher is not a SDP employee, they must be appropriately contracted through the District.

Information on requesting/assigning Web Publishers:

  • Schools:  Principals are responsible for designating web publishers from their staff. They can submit the request electronically using the Role Access Delegation (RAD) application.
  • Offices:  Department heads are responsible for designating web publishers from their staff.  They can submit their request by filling out the Web Publisher Request Form located here:  www.philasd.org/informationsystems/forms/
  • All Web publishers (employees/non-employees) must abide by the District’s Acceptable Use Policy

Publishing and Maintenance

There are several strategies for the development of a website:

  • Web Publisher – This person will be trained in the WordPress product to build the site and will be supported by the IT development team throughout the process.
  • Information Technology – where applicable (resource availability), IT staffing may be used to build the website.  Once it is built, the expectation is that an office or school Web

Maintenance

Once the site is operational, it is expected that the office or school Web Publisher will maintain the site going forward.


Domain Names, Site Requirements, and Site Launch

Network and Internet Names (domain names)

All schools and offices will have an officially designated and unique ‘website’ name.   This website name will be used for the naming of all websites and applications sponsored by that office or school.

Official network names will be offered the following basic services:

  • websitename@philasd.org will be available as a mailbox or email alias, which can be forwarded to a designated list of users
  • philasd.org/websitename will be the official WordPress site for the office, school or initiative
  • philasd.org/otherprojectname can be requested for special projects or initiatives and must be approved by Communications and Information Technology
  • networkname.philasd.org will redirect to philasd.org/websitename

WordPress Site Requirements – Required Site Content

Each site will be required to publish specific information.  There are also some items that are listed as ‘optional’ but should be considered if the need is there.  The categories will be part of the structure of the theme so that it is common for all sites and easy to reference and update.  A breakdown of the required/optional items are listed below:

Office Content

  • About (includes Mission, Vision & Anchor Goal)
  • Programs or Services
  • Contact
  • Policies
  • Forms or Resources

School Content

  • About Us/Description of school/Welcome message
  • Bell Schedule/Operating Schedule
  • Policies (ex: uniform), or a student handbook
  • Parents & Students exclusive content

Strongly Recommended content for both offices and schools

  • News & Events
  • Faculty & Staff

Site Review / Launching

Once the site has been developed, the Web Publisher will notify the IT and Communications Offices and request that the site be reviewed. The IT office will then review the site to see that it meets the standards set forth in this policy. If the site is approved, IT will work with the Web Publisher/external resource on the necessary steps to launch the site.


Plugins, Themes, and Advertisements

Plugins

Plugins are small programs which enable different features within the web site, such as web-based forms, calendars, or embedded videos.  Since plugins are programs, they must be reviewed for functionality and security vulnerabilities by the Office of IT. Redundant plugins will be reduced to the safest and most common of a particular type.  Additional plugins will be approved only if they are deemed safe and offer different functionality from that of the current inventory. Any approved plugins MUST automatically update itself to patch security flaws repaired by their authors.

Themes

WordPress themes are a collection of settings which allow a web publisher to configure an entire site with a consistent style and color palette while also offering the ability to customize the site to differentiate it from other sites.  Consistency in presentation is important as it ensures visitors that they are viewing a site that is part of an organization and provides them with consistent navigation and information location.

WordPress Template Styles

Administrative offices and schools are required to use the standard template for their site.

As mentioned in the “site review/maintenance” section, all websites will go through an approval process prior to launching.

Advertisements

Web publishers may not incorporate any revenue generating advertisements into any website.  Publishers may acknowledge the sponsorship or support of an outside business or organization by displaying its name or logo on a WordPress page.  Use of another organization’s logo should be reviewed by the Office of Communications in advance.


User Directory, Financial Records, and Email Addresses

User Directory Integration

All WordPress user accounts will be managed by the Office of Information Technology.  The WordPress account will be utilizing the existing Employee Portal username and password. IT is currently using a Single Sign-On system which will add the WordPress system to the Employee Portal and allows for easier navigation between the two properties without logging in each time.

Financial Records

The WordPress platform does not meet the security requirements needed for financial data.  Therefore, WordPress web sites may NOT be used to collect any financial information, including credit card numbers, checking accounts, or bank routing information.  You may provide information for donors, such as address or payee information, to benefit a school or program.

Email Addresses

Policy 815.1 states that publishing individual email addresses requires the consent of the individual.

Web Publishers are encouraged to use contact forms (see section 7) for email contact information posted on their website, which sends the message to an email address that is hidden from the user.

Web publishers are discouraged from publishing district and personal email addresses directly on web sites – malicious web hackers can extract email addresses directly from public facing sites and use them to send spam messages, plant a virus and other malicious activity.


Google Integration and Social Media Usage

Google Integration

The Office of Information Technology will continue to integrate Google properties within WordPress.  Such integrations may include embedding Google Calendars, Documents or Gmail, using only the designated Google account created for each WordPress website.  Additional information will be coming in the near future.

Video Management

If your site requires video content it is recommended to utilize YouTube Education as the vehicle to store and deliver that content to your visitors.  YouTube is the only supported video management platform. The WordPress environment cannot be utilized as a video library system due to space requirements.  YouTube Education is a free service and can be utilized to house your videos in one location.

A Google Apps for Education account will be provided for each WordPress site which corresponds with that site’s name.  All YouTube content for that site must be uploaded and stored within that Google Apps for Education account. The use of individual District Google accounts or personal Google accounts is prohibited.

If assistance is needed to access your office or school YouTube Education account, email webmaster@philasd.org.

Social Media (Facebook, Twitter, LinkedIn, etc.)

Requests for a Social Media account are to be sent to the office of Communications for review and approval.  If the social media account is permitted, it must not be registered using an SDP employee e-mail address. An office account will be issued which can be shared by a limited number of users for social media.  A request to have the site unblocked must be submitted via the SDP Internet Filtering Request application. From within the District, some social networking sites may not be available.

Blogging

Sites can have blogging capabilities.  The ‘Response’ feature will be turned off as we cannot control user access to the site or monitor responses posted.  The site owner is responsible for any blog content that is posted and users should be informed to contact an office representative if they wish to respond to a post with a written/verbal response.


Web Application Development and Hosting Policy

Dynamic Website Applications

PHP 5.3.3+ / Java 1.7+

All PHP development must be built with the CodeIgniter 3.x Framework to maintain compatibility with the District’s application servers and provide consistent Model-View-Controller standardization.

Java applications built for the District must be deployable as web archives (WARs) on the District’s Apache Tomcat 8.x application servers.

For any given project, the choice of programming language depends on a full understanding the functional requirements documented by a Business Analyst.  The language choice should not be made prematurely.

Hosting Policy

For reasons of security, performance and suitability, PHP and Java applications built for the District will be hosted exclusively on the District’s application servers on its own network.  These applications require direct and secure connections to the District’s business databases also housed within its network. These data-driven applications must interface with the District’s relational database platform, Oracle 12c.  MySQL databases can be used for PHP or Java applications, but are discouraged. There will not be an emphasis on importing or synchronizing business databases, such as the District’s data warehouse or Operational Data Stores.

The District’s WordPress environment will be hosted internally.

Last modified: July 16, 2018