Brevard County (Florida)
Administrative Procedures
 

7540.11 - ELECTRONIC DATA CONFIDENTIALITY PROCEDURE

The purpose of this procedure is to assign responsibility and provide procedures related to the use of Data Encryption in mobile computing devices. The Superintendent or designee is responsible for providing policy and procedural guidance for establishing, operating, and maintaining the Board's mobile computing device services. The considerable benefits gained by mobile computing to convey and process information quickly must be balanced by responsible use and security of these devices and the data that resides on them. Each user is personally responsible for protecting Confidential District Data.

 A.Confidential Data
  This includes student records; any finance data, HR data, and SSN's which must be protected at all times to prevent the unauthorized modification, disclosure, or destruction. See applicable policies below.

 B.Personal Laptops and other mobile devices
  Mobile Devices as they apply to this Procedure are any devices that store, process or send/receive confidential data include the following: Personal laptops, Mobile phones, Smart phones, PDA’s, USB drives, iPods or any other mobile electronic devices.

 C.Mobile Encryption Requirements for Confidential Data.
  The Minimum standard should meet or exceed: AES-256, Serpent, and Twofish.

 D.Applicable Policies

  1.Policy 7540.04 - Staff Network and Internet Acceptable Use & Safety

  2.Policy 7540.08 - Mobile Device Assignment and Use Procedure

  3.Policy 8330 - Student Records

  4.Policy 8350 - Confidentiality

 E.Detailed Instructions
  To view the original documentation with full screen shots visit http://www.truecrypt.org/docs/.

Approved 4/27/10