Skip Navigation
Forum Unified Education Technology Suite
  Home:  Acknowledgments and Introduction
  Part 1:  Planning Your Technology Initiatives
  Part 2:  Determining Your Technology Needs
  Part 3:  Selecting Your Technology Solutions
  Part 4:  Implementing Your Technology
  Part 5:  Safeguarding Your Technology
  Part 6:  Maintaining and Supporting Your Technology
  Part 7:  Training for Your Technology
  Part 8:  Integrating Your Technology
  Appendix A: Sample
Acceptable Use
Agreements and Policies
  Appendix B: FERPA Fact Sheet
  Appendix C: Web Guidelines
  Appendix D: Sample Security Agreements
  List of Tables and Figures
    Powerpoint Overview (700KB)
NCES Webmaster
Appendix C: Web Guidelines

Web Publishing Guidelines


Because basic websites are not difficult to develop, many schools and individual students are creating their own Internet sites. Any site associated with an education organization will reflect on that organization, so it is important to develop policies that ensure consistency, while not stifling creativity. This appendix discusses guidelines an organization should consider to present a functional site that reflects its mission. Guidelines address establishment of a content approval process, determining a site’s "look and feel," and control of updates and revisions.

Guidelines that incorporate procedures and regulations in the areas of content, technology, and usability are effective in developing a foundation to maintain an effective, user-friendly, and secure site. Education organizations need to be aware of privacy rights, factors that affect how webpages are displayed by different browsers, and especially the many security issues related to Internet and web access in schools and education organizations. Organization guidelines should be made available to all people (i.e., staff members, contractors, volunteers, and students) who develop or post content to the site.

Because any website associated with an education organization will reflect on the organization, it is important to develop policies that will ensure appropriate content and consistent presentation without stifling the creativity of students, staff members, and other contributors.

Content Guidelines

Many times, the first impression the public has of an education organization is its website. In addition to reflecting the organization’s mission and containing appropriate and useful content, the site should be attractive and well organized. A district, for example, may decide to include a page on its website about employment opportunities. If the application procedures on the site enhance the ease of applying and contain useful information about employment in the district, the site may help the district attract new teachers. A disorganized website will likely create a poor impression of the district and may turn prospective teachers away.

Regardless of the sophistication of the site, several basic management rules apply. First, the site should be organized so that a novice can navigate easily from one section to the next. A good rule for all but the most complicated sites is that the user should be no more than two "clicks" (i.e., links) away from important information. Links to sites that are outside the control of the organization should be clearly identified. Second, pages should be neat, clean, and clear—a cluttered screen makes it difficult to find the content. Finally, each page should be checked periodically to ensure that all graphics are loading properly and that all links are active. If the organization does not have the resources to support a sophisticated site, it is better to start with a simple site that can be kept current and operational than to have a site filled with "under construction" graphics and/or outdated information.

Links to sites that are outside the control of the organization should be identified by
clear and explicit warnings. For example:

You are now leaving the [insert name of organization] website. We have provided a link to this site because it has information that may be of interest to our users; however, [insert name of organization] does not necessarily endorse the views expressed or the information presented on this external site.

In many cases, education organizations perceive the website primarily as a vehicle for informing staff, students, and the general public about their activities and goals. To effectively administer content on the organization’s website, policy and procedural guidelines should be established as a component of the organization’s technology plan before proceeding with website development.

Guidelines for Posting New Content

The first step, before any programming begins, is to determine what the organization needs and wants the website to do. Beautiful sites can be created with flashing icons, dynamic colors, and interesting text. However, if the content does not meet the needs of the organization, the value is, at best, limited.

Everyone has visited a website that is difficult to navigate—where one has to spend a great deal of time "clicking" around the site, or where links to other sites do not work. Without guidelines and a quality control process, problems like these are inevitable.

The organization should develop a clear process for deciding what and how new materials are posted to the website, including whether an approval procedure is needed for new sites and pages. The procedure may be as simple as a request for space on the organization’s server, or it may be a more complex process involving a formal review of proposed sites and pages prior to approval.

It is important for the organization to distribute the guidelines for posting new content and to make sure that staff members are aware of the process. Posting the procedures and content guidelines on the website for easy access can accomplish this task. Additionally, it is imperative that staff members understand the procedures and guidelines.

Local coordinators and students may develop innovative school websites in-house. While the organization will want to support such innovation, the use of nonprofessional web developers makes strong guidelines even more important. Because the district is ultimately responsible for the content on school websites, it may be in the district’s best interest to have a representative (e.g., a school site coordinator or webmaster) at each school who understands and is able to support and enforce district guidelines and regulations.

When the district is unable to assign a site coordinator or webmaster, every effort should be made to ensure that there is a person familiar with district guidelines and other regulations at every location where someone has posting authority.

What Should the Content on a Website Look Like?

Website design should present a consistent look and feel for a sense of continuity across a site’s pages. One way to accomplish this is through the use of style sheets that are embedded or linked to the site within the programming design. Style sheets, or templates, define the format for each page in terms of elements such as type face, margin width, heading specifications, spacing, and layout.

This does not mean that all pages need to look the same. Not all webpages on a site will use style sheets. The purpose of style sheets and other formatting tools or guides is to create consistency, not stifle creativity. However, each style sheet should contain:

  • a home button that returns the user to the site’s home page with one click of the mouse
  • the name, address, and telephone number of the organization
  • the webmaster’s e-mail address
  • copyright notification
  • a privacy statement

Advertising on the Website

The organization must address the issue of advertising on its website. Product advertising is allowed in some schools and districts or at some venues within a school or district (e.g., at athletic events). Other organizations do not permit advertising under any circumstances. Policy decisions regarding website advertising should be consistent with other organizational policies concerning advertising.

Organizations should be wary of Internet Service Providers (ISPs) that offer "free" disk space or other services in exchange for the right to display advertising on the site. Some of these services will run banner advertisements or pop-up ads while the user (in the school’s case, a student) is online. Some ISPs even profile users, then sell their names and other access information to other service providers or advertisers. While this process is commonplace on the Internet, it may be inappropriate for school or district sites.

Some organizations have determined that it is in the best interest of the students and staff to limit website access to government and other research sites that do not carry commercial endorsements or permit "pop-up" advertising. This is accomplished by using a program to filter out unwanted sites. Situations also exist in which a vendor who programs a website or a donor who funds a website requests that the organization place an "icon" on its home page to advertise their contribution. If the organization agrees to place an icon of this type on the website, many more requests may follow.

Website Disclaimer

A disclaimer statement should appear on the organization’s website to acknowledge that the public is free to browse the site. The statement should include information about copyrighted material and may include language that disclaims responsibility for some Internet activities. The organization should consult with legal counsel about the specific language and content of the disclaimer. To view an example of a website disclaimer, visit West Virginia’s State Department of Education website.

Technical Guidelines

There are several technical guidelines the organization should employ when webpages are created. If the organization’s website is to be maintained and updated by more than one person, an established set of procedures for accomplishing these tasks will help to ensure dependability and consistency. The technical guidelines developed by the organization can serve as the procedural handbook for implementing policies governing web use. Aspects to consider when developing technical guidelines include:

  • compatibility of guidelines with recent releases of the major web browsers, as well as with older browsers
  • optimization for different web browsers
  • load time of the website using a variety of connection speeds
  • use of approved file extensions and directory structure
  • use of an Internet-friendly color palette
  • content of meta tags—information inserted into the "head area" of the webpage—to improve access to the organization’s website by search engines from outside the organization
  • removal of unnecessary HTML tags
  • use of standard navigation bars and icons throughout the site
  • determination of whether to use, or prohibit, frames

Contractors who develop sites for educational organizations should be subject to the same guidelines concerning website development as are in-house developers. While a contractor may have access to additional technical standards and guidelines, the organization is still responsible for content, accessibility, and style. Accordingly, there should be clear standards and procedures in place when the contractor is selected, and the contractor should agree to abide by all of the standards before the organization signs a contract.

Password Security

The use of passwords is important for securing the privacy and confidentiality of student and personnel information. Passwords can also assist the organization in monitoring access to mission-critical applications. All organizations that maintain a website, including schools, should consider policy issues related to password security. These procedures should be written and distributed to all members of the organization. Relevant password issues include the following:

  • A password should consist of both alphabetic and numeric characters.
  • The organization should require that passwords be of a sufficient length (e.g., at least eight characters).
  • The organization should establish procedures that require passwords to be changed frequently (e.g., every 30 to 60 days).
  • Passwords should not be shared or "loaned" to another person.
  • Passwords should not be written down.

Password-related security procedures might include the establishment of a help desk or an automated process for staff members to contact when a password is forgotten. Password restoration procedures should include a method for verifying the identity of the person calling the help desk. This could include recalling the staff member’s social security number, mother’s maiden name, place of birth, or other item that will identify the person requesting a new password.


checkmark Organizations should establish guidelines for posting content on a website.
checkmark Website content guidelines should address consistency without stifling creativity.
checkmark Organizations should develop procedures to deal with advertising on the Internet, especially if the organization uses an outside ISP to host the website.
checkmark Technical guidelines are necessary for password protection.

Web-Related Legal Issues and Policies


Some aspects of web development are influenced by local, state, or federal laws and regulations. Many of these regulations are adapted from rules or laws that existed before the advent of the Internet. For example, education organizations have long been required to comply with copyright regulations, Sunshine Laws, and student privacy rights. New technologies mean that new procedures may need to be instituted.

This resource provides general guidelines for awareness of potential legal issues, but does not purport to give legal advice. Specific legal questions should be discussed with the organization's legal counsel.

Certain aspects of maintaining a website, such as accessibility, privacy, and copyright, may require compliance with federal laws or regulations. Whether working with outside sources on the development and/or maintenance of a website or managing the process in-house, the organization needs to have policies in place to ensure that usability guidelines are followed.

Internet Usage

At the same time an organization is deciding on content for a prospective website, staff should be thinking about related policy issues that might affect the organization. Many of the needed policies, such as "acceptable use" and "right to know," have legal implications and may be required by local, state, or federal regulations. While some school districts and state departments of education are attuned to the need for many of the policies and guidelines described below, the school technology coordinator and/or the students creating the school website may not be aware of the policy issues that arise when a website is developed. The local and state education organizations are ultimately responsible for their websites and must ensure that each school adheres to applicable laws and regulations.

If policies already exist, but have not been revised to reflect changing needs, expectations, and technologies, the organization should initiate a thorough review and revision as soon as possible.

Acceptable Use Policies

Whether an education organization provides direct services to students or serves as a support or regulatory body for schools, adoption of an Acceptable Use Policy (AUP) is essential. The purpose of such a policy is to inform users of the ground rules on web use, thereby protecting them and the education organization from violations of law, practices that would damage the system, or misunderstandings regarding responsibility for user actions.

A sample Acceptable Use Policy (AUP) is provided in Appendix A.

The responsibility of "acceptable use" comes with the privilege of Internet access that is afforded to students, staff, and other system users. No one should be using the Internet in a school or district environment until that person has reviewed and signed the organization’s AUP. Where students are concerned, parents need to review the AUP and complete the signature page, indicating their understanding.

The AUP should be available in a variety of formats for those who do not speak English or who have a disability that makes reading the policy impractical. Finally, the organization should avoid including provisions in the policy that it is not willing to enforce, or that will create difficult legal situations by their enforcement. All users need to understand the consequences of failure to comply with the AUP.

Each AUP should include a detachable page where the user, or the parent or guardian of a student, can acknowledge that he or she has received, read, and understood the policy. The organization should retain this sign-off sheet. Parents need to work with organization personnel to ensure that students understand all components of the AUP.

An example of an AUP along with a parent signature sheet and other policy documents are provided in Appendix A.

Open Meeting (Sunshine) Laws and the Freedom of Information Act

Every state has some version of an open meeting law, frequently called a "Sunshine Law" or "Right-to-Know Law." The intent of this type of statute is to ensure that public business is conducted openly and that access to public records is guaranteed to the citizens of the state.

Many of these laws have not been updated to recognize electronic communication; however, this has not stopped courts from applying the laws to such communication. To avoid problems that might arise, a public organization that maintains a website, an e-mail server, list servers, or electronic bulletin boards should proactively establish policies for information management that comply with applicable open meeting laws (especially when the communication tools are used by administrators or a governing body, such as a board of education, to conduct official business).

Use of electronic media to inform public officials and the public generally is not contrary to law. However, in many states, when the communication invites or results in responses from and discussion among public officials, such communication may constitute an illegal meeting. Some states’ laws specifically prohibit electronic meetings. Others, while not prohibiting such a meeting, may require public notice stating that the meeting will occur and identifying a location where the public, in real time, can monitor the electronic communications. Education organizations must check with legal counsel to verify which laws apply in their jurisdictions.

Under the Freedom of Information Act (FOIA), members of the public can request, and must be granted access to, any documents in the possession of a public organization that address public business and are not specifically protected by other statutes establishing classes of confidential records, such as the Family Educational Rights and Privacy Act (FERPA). Over the years, public organizations have developed records retention policies designating how long paper documents must be retained before disposal or destruction. Under FOIA, electronic files are subject to the same legal requirements as paper documents, so it is important for an education organization to maintain an archive or archives of e-mail and other electronic documents as they would paper documents.

Usability Guidelines

Simply stated, usability guidelines ensure that visitors using various software packages are able to view a website. For example, programming requirements for Microsoft’s Internet Explorer® are somewhat different from those for Mozilla®. Websites should be programmed to accommodate users of both applications. While there are no legal requirements to accommodate users of different software applications, it makes sense to consider the issue and establish guidelines.

Accessibility Guidelines

The World Wide Web Consortium (W3C), an international group seeking to optimize the use of the web, has developed standards to address section 508 of the Rehabilitation Act [29 U.S.C. 749d] requirements. These standards, known as the Web Access Initiative (WAI), provide practical guidance for web developers when designing accessible webpages. The standards are prioritized and include sample HTML programming code to assist developers.

Website accessibility measures include the following directives:

  • Attach alternative text tags to graphics. The tags can be spoken to visually impaired and blind users with programmable screen readers.
  • Avoid the use of red and green in web text. The use of style sheets to set standard color schemes on a webpage will enable color-blind users to modify colors easily from within their own browsers.
  • Enable synchronized captioning of audio files and avoid the use of streaming audio for deaf and hearing-impaired users.

A free service for checking website accessibility according to WAI and section 508 standards is located at For more detailed information about W3C and WAI guidelines, visit

Student Rights and Privacy

The Family Educational Rights and Privacy Act (FERPA) regulates the dissemination of student information. These regulations apply to both paper and electronic records as well as information posted on the Internet or web. A FERPA Fact Sheet is provided in Appendix B.

The posting of student work, photos, or other personally identifiable information on a website is one of the most important issues addressed by federal and state privacy laws. Student privacy is a responsibility of each individual in an education organization. Even computer programmers need to be trained on the provisions of federal, state, and local laws and regulations that prohibit the display of individual student information, particularly when such information exists in organization databases.

Even if a district does not maintain a database of all students, it is possible that databases of special education or Medicaid-eligible students exist. These databases would be subject not only to the privacy requirements of FERPA [20 U.S.C. 1232g] but also the privacy regulations of the Individuals with Disabilities Education Act [20 U.S.C. 1400 et seq.] (IDEA) and the Health Insurance Portability and Accountability Act of 1996 [45 CFR Parts 160 and 164] (HIPAA). In addition to protecting the privacy of students, organizations maintaining databases must provide security for employee records as well.

Discussing federal laws and regulations about student privacy may seem unrelated to webpage design and development, but developers must realize that it could be possible for a person to initiate contact with a student simply by using information obtained on the Internet. A photograph connected to a name displayed on a school website makes the scenario even more frightening.

Copyright Compliance

Many educators have common misconceptions about the fair use doctrine for schools and libraries under the United States Copyright Law [17 U.S.C. 107 et seq.]. This misunderstanding, coupled with a general belief that anything found on the Internet is free for the taking, can put the organization at risk of severe legal penalties.

Establishing a link from one website to other websites is entirely within legal practice; however, copyright law protects the content of those websites. It is imperative that educators have a reasonably good understanding of what constitutes "fair use" and what is prohibited. The education organization’s policies and procedures should provide specific guidance to users and should establish, without equivocation, that any violation of copyright law is contrary to the policies and practices of the organization.

Copyright compliance applies to student use of the Internet as well. For example, it is important for educators to require that students respect "fair use" by using citations and quotes with information obtained over the Internet for use in class presentations and reports.


Filtering of Internet content is one of the most controversial issues facing education organizations. Proponents of filtering are concerned about protecting children and teens from inadvertently, or intentionally, visiting sites with pornographic material, hate group rhetoric, or other inappropriate material. Opponents believe that censorship of any kind, even for children, sets a dangerous precedent that is contrary to the free speech provisions of the U.S. Constitution.

For schools and districts participating in the federal E-rate discount program, the question of whether to filter is answered by provisions of the Children’s Internet Protection Act (CIPA) (P.L. 106-554). This act requires organizations receiving E-rate discounts for school connectivity or Internet access to employ a filter, regardless of their philosophical preferences.

Indeed, most school districts deal with filtering and web-based advertising proactively. They filter all sites and then determine which sites would be appropriate for use within the organization. Students are allowed access to approved sites only.

There are many options available for organizations that choose or are required to place some type of filtering system on their web browsers. All methods should be carefully evaluated in order to determine what they do, how they operate, and how much time the organization will need to devote to maintaining the filtering system.

The earliest filtering programs still in common use contain lists of keywords or phrases likely to be found on objectionable websites. These lists tend to be static and inflexible. The primary complaint about this type of filter is that it also blocks access to a large number of appropriate sites, such as those describing research on breast cancer and government data files listing the data element for gender as "sex."

An alternative to the list filter is a subscription to a service that reviews and screens new sites for objectionable material on an ongoing basis. Specific sites, rather than words and phrases, are blocked. The main objection to this method of filtering is that access to some objectionable sites is still possible because monitoring every site on the Internet is impractical. A newly emerging challenge for filtering services is the purchase by "disreputable" companies of Uniform Resource Locators (URLs), or web addresses, previously owned by other businesses and organizations. These URLs are used to mask the true nature of a site.

Most subscription lists accommodate manual overrides to permit the local network administrator to define trusted and questionable domains. Reviewing lists to determine what the filter should override is a time-consuming and, therefore, expensive process. In general terms, it is impractical for an organization to structure its entire filtering system on this basis.

A larger organization may choose to develop its own process for filtering the Internet. While providing more flexibility for the organization, this effort can be resource intensive. Personnel will need to be assigned to determine which sites should be filtered. The organization will need to establish procedures for monitoring the filter and for responding to requests from staff to modify the filtering protocol.

In addition to filtering content and advertisements, the organization may consider filtering unacceptable services. For example, it may block "free" web-based e-mail services, instant messaging services, or chat rooms. The organization also may choose to block the downloading of multimedia content, such as music files or movies, because of its heavy use of bandwidth and copyright concerns.

Within the local network, the organization may have the ability to restrict Internet access on specific computers or work groups, while granting broader access to others. Thus, a filter may be active on the firewall for computers used by students but configured to grant greater freedom to faculty or administrative staff computer users.

Organizations discussing a software or hardware solution with vendors should ask about the criteria used to determine what is to be filtered. If a vendor has a specific political or moral agenda, for example, it could adversely affect services provided to the education organization.

An important caveat to keep in mind, however, is that while there is a great deal of discussion about schools filtering inappropriate sites on the Internet, there is no substitute for the vigilance of teachers. Professional development programs should stress that surfing the Internet is an inappropriate activity for students at school. Use of the web in a classroom should be treated as an instructional and research tool, not entertainment.

Logging System Usage

Even if an organization does not require filtering, the related issue of maintaining Internet logs must be considered. Internet logs are electronic records that document those sites visited from the organization’s network. One New Hampshire parent successfully sued a school district to gain access to its Internet logs in order to determine whether the district (which was not filtering) was providing enough protection to students through its AUP. The judge granted the parent’s request for access, but the district had already deleted the logs.

In addition to the question of access, the district found itself having to defend its position related to the deletion of the records. The problem was not just that the records were deleted, but that there was no policy governing a file maintenance schedule or purging procedure. In short, because the district had no standard operating procedure in place, it appeared to the judge that the logs were deleted to prevent their use as evidence in the legal action. The court found the school district to be in contempt of court and ordered it to produce the remaining records and to pay the parent’s costs and attorney’s fees. The case could set a precedent regarding parent access to logs that would affect schools and districts nationwide.


checkmark The school district is responsible for any website that is developed at a school within that district.
checkmark An AUP should be applied to all Internet users within the organization.
checkmark The Freedom of Information Act and state Sunshine Laws have an impact on the use of the Internet in an education organization.
checkmark Usability standards can be employed to ensure that a website has the widest possible audience.
checkmark Student rights and privacy guidelines that apply to the education community include the use of the Internet and its components, such as the World Wide Web.
checkmark Usability guidelines must address access for individuals with disabilities and the protection of privacy and confidentiality rights of students.

There are many options available for filtering web content.

Previous Page -- Appendix B: FERPA Fact Sheet Next Page -- Appendix D: Sample Security Agreements