Technology Department

Computer Network Use Policy| Parents’ Bill of Rights for Student Data Privacy and Security| Third-Party Contractors| Draft Technology Plan

Computer Network Use Policy

Technology for Education

To view the district’s computer network policy, click here:  Privacy and Security for Student Data and Teacher and Principal Data Policy.
For any questions, please see your building principal.

Parents’ Bill of Rights for Student Data Privacy and Security

The Middleburgh Central School District, in recognition of the risk of identity theft and unwarranted invasion of privacy, affirms its commitment to safeguarding student personally identifiable information (PII) in educational records from unauthorized access or disclosure in accordance with state and federal law. 

The Middleburgh Central School District establishes the following parental bill of rights:

  • Student PII will be collected and disclosed only as necessary to achieve educational purposes in accordance with State and Federal Law.
  • A student’s personally identifiable information cannot be sold or released for any marketing or commercial purposes by the district or any third party contractor. The district will not sell student personally identifiable information and will not release it for marketing or commercial purposes, other than directory information released by the district in accordance with district policy;
  • Parents have the right to inspect and review the complete contents of their child’s education record (for more information about how to exercise this right, see 5500-R);
  • State and federal laws, such as NYS Education Law §2-d and the Family Educational Rights and Privacy Act, protect the confidentiality of students’ personally identifiable information.  Safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred;
  • A complete list of all student data elements collected by the State Education Department is available for public review at http://nysed.gov.data-privacy-security or by writing to: Chief Privacy Officer,
    New York State Education Department
    89 Washington Avenue
    Albany, NY 12234
  • Parents have the right to have complaints about possible breaches and unauthorized disclosures of student data addressed.
  • Parents who have concerns or complaints about data privacy or security may file a complaint using this form and contact Data Protection Officer,
    Mark Place
    291 Main Street,
    Middleburgh, NY 12122
  • Complaints can also be directed to the New York State Education Department using the improper disclosure form. You can also make a complaint by mailing the Chief Privacy Officer at the
    New York State Education Department,
    89 Washington Avenue,
    Albany, NY 12234
    or by emailing privacy@mail.nysed.gov or calling (518) 474-0937.
  • Parents have the right to be notified in accordance with applicable laws and regulations if a breach or unauthorized release of their student’s PII occurs.
  • Parents can expect that educational agency workers who handle PII will receive annual training on applicable federal and state laws, regulations, educational agency’s policies and safeguards which will be in alignment with industry standards and best practices to protect PII.

In the event that the district engages a third party provider to deliver student educational services, the contractor or subcontractors will be obligated to adhere to state and federal laws to safeguard student PII. Parents can request information about third party contractors by contacting the district office.

Click here to read the Parents’ Bill of Rights for Student Data Privacy and Security policy.

Third-party Contractors

The district will ensure that contracts with third-party contractors reflect that confidentiality of any student and/or teacher or principal PII be maintained in accordance with federal and state law and the district’s data security and privacy policy.

Each third-party contractor that will receive student data or teacher or principal data must:

  1. adopt technologies, safeguards and practices that align with the NIST CSF;
  2. comply with the district’s data security and privacy policy and applicable laws impacting the district;
  3. limit internal access to PII to only those employees or subcontractors that need access to provide the contracted services;
  4. not use the PII for any purpose not explicitly authorized in its contract;
  5. not disclose any PII to any other party without the prior written consent of the parent or eligible student  (i.e., students who are eighteen years old or older):
    1. except for authorized representatives of the third-party contractor to the extent they are carrying out the contract; or
    2. unless required by statute or court order and the third party contractor provides notice of disclosure to the district, unless expressly prohibited.
  6. maintain reasonable administrative, technical and physical safeguards to protect the security, confidentiality and integrity of PII  in its custody;
  7. use encryption to protect PII  in its custody; and
  8. not sell, use, or disclose PII for any marketing or commercial purpose, facilitate its use or disclosure by others for marketing or commercial purpose, or permit another party to do so. Third party contractors may release PII to subcontractors engaged to perform the contractor’s obligations, but such subcontractors must abide by data protection obligations of state and federal law, and the contract with the district.

If the third-party contractor has a breach or unauthorized release of PII, it will promptly notify the district in the most expedient way possible without unreasonable delay but no more than seven calendar days after the breach’s discovery.

Third-Party Contractors’ Data Security and Privacy Plan

The district will ensure that contracts with all third-party contractors include the third-party contractor’s data security and privacy plan. This plan must be accepted by the district.

At a minimum, each plan will:

  1. outline how all state, federal, and local data security and privacy contract requirements over the life of the contract will be met, consistent with this policy;
  2. specify the safeguards and practices it has in place to protect PII;
  3. demonstrate that it complies with the requirements of Section 121.3(c) of this Part;
  4. specify how those who have access to student and/or teacher or principal data receive or will receive training on the federal and state laws governing confidentiality of such data prior to receiving access;
  5. specify if the third-party contractor will utilize sub-contractors and how it will manage those relationships and contracts to ensure personally identifiable information is protected;
  6. specify how the third-party contractor will manage data security and privacy incidents that implicate personally identifiable information including specifying any plans to identify breaches and unauthorized disclosures, and to promptly notify the district;
  7. describe if, how, and when data will be returned to the district, transitioned to a successor contractor, at the district’s direction, deleted or destroyed by the third-party contractor when the contract is terminated or expires.

Learn more about the vendors we work with, here’s a link to our third-party contracts.

To read the entire Information and Data Privacy Security, Breach and Notification policy, please click here.

2022-2025 Draft Technology Plan

Access Middleburgh’s Technology Plan here, (If you need help accessing this document call the main office at (518) 827-3600  x3625)

Overall district mission

It is the mission of the Middleburgh Central School District to be a productive and responsible learning community, where all are inspired to achieve  excellence. 

Vision statement that guides instructional technology use in the district

Instructional Technology will connect students, staff, and the community to transformational learning experiences in an innovative environment. 

Action plan – goal 1 

Middleburgh will incorporate Digital Literacy content into the 5th and 6th-grade student curriculum by June 2023. 

The NYSED goal that best aligns with this district goal 

Design, implement, and sustain a robust, secure network to ensure sufficient, reliable high-speed connectivity for learners, educators, and leaders.

Action plan – goal 2 

To increase cyber security at Middleburgh the district will provide additional training to staff, utilizing Mimecast in the 2022-2023 school year.

The NYSED goal that best aligns with this district goal

Provide access to relevant and rigorous professional development to ensure educators and leaders are proficient in the integration of learning technologies.

Action plan – goal 3

To support access to materials in-district and remotely Middleburgh will increase the use of cloud base storage (reflected as a 25% increase from July 1, 2022, to December 31, 2024). 

The NYSED goal that best aligns with this district goal 

Increase equitable access to high-quality digital resources and standards-based, technology-rich learning experiences 

How the district use of instructional technology will serve as a part of a comprehensive and sustained effort to support rigorous academic standards attainment and performance improvement for students

Integrated Instructional Technology will allow students to engage and develop 21st Century Skills in multiple and varied ways. The plan seeks to transform our pedagogy from a one-size-fits-all, teacher-centered model to a student-centered, whole child and individual approach that privileges and fosters collaboration and critical thinking.

Teachers can access a variety of tools to enhance their lessons and gauge students’ understanding in real-time (Castle Learning, Pear Deck, Google Classroom, IXL, Seesaw, etc.). Students are given choices within assignments to demonstrate their understanding of content. Allowing students to demonstrate understanding and mastery of content through choice allows students to use their strengths while demonstrating proficiency most suitable for their unique learning style.

The strategies the district plans to implement to address the need to provide equitable learning “everywhere, all the time” (National Technology Plan). Include both short and long-term solutions, such as device access, internet access, human capacity, infrastructure, partnerships, etc.

Middleburgh CSD has shifted to cloud-based platforms to ensure that classroom materials are available at all times. Students 7-12 have individual devices assigned to them that they can take home. K-6 students have 1:1 devices within the classroom, and upon parent request, students can bring their devices home. In addition, the district is utilizing ClassLink as a single sign-on platform to help students securely access programs that require a log-in for both in school and at home ease of access.

As a rural district, Middleburgh still has issues with connectivity in remote locations within our district. Hot spots were not successful in bringing the internet to these locations due to a lack of cell phone coverage. To increase access to the internet we are working with local communication companies to increase broadband assess in these remote locations.