Data Privacy
Information
Data Privacy and Security -
New York State Education Law 2-d
New York State Education Law 2-d
The NYS Board of Regents adopted Part 121 of the Regulations of the Commissioner of Education on January 13, 2020. These rules implemented Education Law Section 2-d and provided guidance to educational agencies and their third-party contractors on ways to strengthen data privacy and security to protect student data and annual professional performance review data. The regulation went through multiple sets of revisions and three rounds of public comments and went into effect January 29, 2020. It applies to both charter and traditional public schools. We thank the members of the Data Privacy Advisory Council, implementation planning and drafting workgroups that supported the Department’s Chief Privacy Officer through this process.
Source: NYSED.gov
Parents have the right to have complaints about possible breaches of student data addressed.
Parents can submit a complaint regarding a potential breach to:
Dr. Chad Walerstein
2508 Union Blvd.
Islip, NY 11751
OR
Complaints can be directly to the New York State Education Department:
Chief Privacy Officer New York State Education Department
89 Washington Avenue
Albany, NY 12234
Approved District Software
Click below for our list of approved District software:
Data Privacy and Security Documents
Federal Laws that Protect Students
Family Educational Rights and Privacy Act (FERPA) – The foundational federal law on the privacy of students’ educational records, FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.
Protection of Pupil Rights Amendment (PPRA) – PPRA defines the rules states and school districts must follow when administering tools like surveys, analysis, and evaluations funded by the US Department of Education to students. It requires parental approval to administer many such tools and ensures that school districts have policies in place regarding how the data collected through these tools can be used.
Children's Online Privacy Protection Rule (COPPA) – COPPA imposes certain requirements on operators of websites, games, mobile apps or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
Source: NYSED.gov
NYS Ed Law 2-d Definitions
“Educational agency” means a school district, board of cooperative educational services, school, or the education department.
“Personally identifiable information,” as applied to student data, means personally identifiable information as defined in section 99.3 of title thirty-four of the code of federal regulations implementing the family educational rights and privacy act, section twelve hundred thirty-two-g of title twenty of the United States code, and, as applied to teacher or principal data, means “personally identifying information” as such term is used in subdivision ten of section three thousand twelve-c of this chapter.
“School” means any public elementary or secondary school, universal pre-kindergarten program authorized pursuant to section thirty-six hundred two-e of this chapter, an approved provider of preschool special education, any other publicly funded pre-kindergarten program, a school serving children in a special act school district as defined in section four thousand one of this chapter, an approved private school for the education of students with disabilities, a state-supported school subject to the provisions of article eighty-five of this chapter, or a state-operated school subject to the provisions of article eighty-seven or eight-eight of this chapter.
“Student” means any person attending or seeking to enroll in an educational agency.
“Eligible student” means a student eighteen years or older.
“Parent” means a parent, legal guardian, or person in parental relation to a student.
“Student data” means personally identifiable information from student records of an educational agency.
“Teacher or principal data” means personally identifiable information from the records of an educational agency relating to the annual professional performance reviews of classroom teachers or principals that is confidential and not subject to release under the provisions of section three thousand twelve-c of this chapter.
“Third party contractor” shall mean any person or entity, other than an educational agency, that receives student data or teacher or principal data from an educational agency pursuant to a contract or other written agreement for purposes of providing services to such educational agency, including but not limited to data management or storage services, conducting studies for or on behalf of such educational agency, or audit or evaluation of publicly funded programs. Such term shall include an educational partnership organization that receives student and/or teacher or principal data from a school district to carry out its responsibilities pursuant to section two hundred eleven-e of this title and is not an educational agency as defined in paragraph c of this subdivision, and a not-for-profit corporation or other non-profit organization, other than an educational agency.
Source: NYSED.gov