In accordance with the requirements of Education Law 2-d, NYSED had adopted a 2-d Bill of Rights for Data Privacy and Security that authorizes NYSED’s Chief Privacy Officer to address complaints about possible breaches and unauthorized disclosure of Student PII.

The Chief Privacy Officer is required to issue an annual report on (1) data privacy and security activities and progress, (2) the number and disposition of reported breaches, if any, and (3) a summary of any complaints of possible breaches of student data or teacher or principal annual professional performance review data (PII).