Data Privacy and Security

This site is designed to provide parents with information and processes related to student data privacy and security in accordance with New York State Education Law 2D. This includes the North Warren Data Privacy and Security Policy, the Parent's Bill of Rights, Data Privacy Complaint Process and links to vendor contracts and assurances regarding the responsible use of your student's information.

Data Protection Officer

Michele French, Superintendent of Schools mfrench@northwarrencsd.org (518) 494-3015


Data Privacy and Security Policy

In January 2020, the NYSED Board of Regents adopted Part 121 of the Commissioner's Regulations for the Strengthening of Data Privacy & Security in NYS Educational Agencies to Protect Personally Identifiable Information (PII) pursuant to Education Law sections 2-d, 101, 207, and 305. District and BOCES policies are expected to be adopted no later than October 1, 2020.

The North Warren Central School District policy #5676 details specific privacy protections that ensure:

  1. Every use and disclosure of personally identifiable information (PII) by North Warren CSD shall benefit students and the district, such as improve academic achievement; advance efficient and effective school operations; empower families and students with information;

  2. Personally identifiable information (PII) shall not be included in public reports or documents;

  3. Parents, legal guardians, and eligible students (students who are age 18 or older) are afforded all the protections, where applicable, under the Family Education Rights Privacy Act (FERPA) and the Individuals with Disabilities Act (IDEA) and the federal regulations for implementing those statuates;

  4. Alignment with the National Institute for Standards & Technology (NIST) Cybersecurity Framework.

  5. Annual training and notification for employees that handle student, teacher and/or principal PII.

  6. Publication of the North Warren data security and privacy policy on its website for its community of stakeholders.

District Policy #5676 Privacy & Security for Student Data, Teacher Data, Principal Data

Parent's Bill of Rights

The purpose of the Parents’ Bill of Rights is to provide information to parents, legal guardians, those in parental relation to students and eligible students (age 18 and older) about certain legal requirements that protect personally identifiable (PII) information pursuant to state and federal laws.

North Warren CSD Bill of Rights for Data Privacy & Security

Third Party Vendor Contracts

Greenwich CSD may utilize vendors through paid contracted services and/or free services activated through individual user Terms of Service (click wrap) agreements for one or more technology services in the provision of its educational services. These include software, mobile or web applications, and/or web-based services.

For information about vendors that collect, process, store, or analyze personally identifiable student data or teacher/principal evaluation data to support our educational services:

2020-2021 Vendor Privacy Policies and Supplemental Agreements


Inventory of Student Data Collected by the New York State Education Department

As required by New York State Education law Section 2-d, NYSED publishes a list of the data elements that it collects from NYS school districts and the purpose of the data collection.

NYSED Inventory List of Student Data Collected

Complaint Procedures for Unauthorized Data Disclosure / Data Breach

Parents, legal guardians, eligible students (students who are at least 18 years of age or attending a post-secondary institution at any age), principals, teachers, and employees of an educational agency may file a complaint about a possible data breach or improper disclosure of student data and/or protected teacher or principal data.


  1. To submit a complaint, please download & complete the North Warren CSD Unauthorized Data Disclosure/Data Breach Form. Paper forms are also available in the schools' main office.

  • Completed forms may be submitted by email to the Data Protection Officer, Michele French, Superintendent of Schools at mfrench@northwarrencsd.org (518) 494-3015 or forms may be submitted or mailed to the district office at 6110 State Route 8, Chestertown, NY 12817.

  1. Ms. French, or assigned designee, will contact the complainant by phone or email to review the complaint, and inititate an investigation.

  2. Investigations will be completed and finalized in a reasonable amount of time, typically, within 60 calendar days from the receipt of the complaint. In the event the investigation needs to extend beyond 60 days, due to extenuating circumstances, the complainant will be contacted to inform them of the delay and the expected timeline for completion.

  3. North Warren CSD will maintain a record of all complaints of data breaches or unauthorized releases of student/staff data & their disposition in accordance with applicable data retention policies, and report complaint reports & investigations as directed by NYS Ed Law 2d / Part 121 Regulations to the NYSED Chief Privacy Officer.

Additional Information & Resources:

For information about Federal Laws that protect Student Data (FERPA, PPRA, COPPA):

For information about NYS Education Department's Data Privacy & Security Resources

Family/Parent Resources to learn more about how to protect your child's data: