Parents' Bill of Rights for Data Privacy & Security
Parents' Bill of Rights for Data Privacy & Security
Parents (includes legal guardians or persons in parental relationships) and Eligible Students (student 18 years and older) can expect the following:
- A student’s personally identifiable information (PII) cannot be sold or released for any commercial purpose. PII, as defined by Education Law § 2-d and FERPA, includes direct identifiers such as a student’s name or identification number, parent’s name, or address; and indirect identifiers such as a student’s date of birth, which when linked to or combined with other information can be used to distinguish or trace a student’s identity. Please see FERPA’s regulations at 34 CFR 99.3 for a more complete definition.
- The right to inspect and review the complete contents of the student’s education record stored or maintained by an educational agency. This may not apply to parents of a student defined as an Eligible Student (a student 18 years and older).
- State and federal laws such as Education Law § 2-d; the Commissioner of Education’s Regulations at 8 NYCRR Part 121, the Family Educational Rights and Privacy Act ("FERPA") at 12 U.S.C. 1232g (34 CFR Part 99); Children's Online Privacy Protection Act ("COPPA") at 15 U.S.C. 6501-6502 (16 CFR Part 312); Protection of Pupil Rights Amendment ("PPRA") at 20 U.S.C. 1232h (34 CFR Part 98); the Individuals with Disabilities Education Act (“IDEA”) at 20 U.S.C. 1400 et seq. (34 CFR Part 300); protect the confidentiality of a student’s identifiable information.
- Safeguards associated with industry standards and best practices including but not limited to encryption, firewalls and password protection must be in place when student PII is stored or transferred.
- A complete list of all student data elements collected by NYSED is available at http://www.nysed.gov/data-privacy-security/student-data-inventory and by writing to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234.
- The right to have complaints about possible breaches and unauthorized disclosures of PII
addressed. Complaints may be submitted to NYSED at http://www.nysed.gov/common/nysed/files/programs/data-privacy-security/inventory-of-data-elements-collected-by-nysed_0.pdf by mail to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234; by email to: [email protected] or by telephone at 518-474- 0937. - To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of PII occurs.
- Educational agency workers that handle PII will receive training on applicable state and federal laws, policies, and safeguards associated with industry standards and best practices
that protect PII. - Educational agency contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.
- Parents have the right to submit complaints about possible breaches of student data or teacher or principal APPR data. Any such complaint must be submitted, in writing to:
-
-
- Shawn Van Scoy, Superintendent of Schools
1500 Dayspring Ridge
Walworth, NY 14568
(315) 986-3521 ext 4313
[email protected] - Complaints may also be submitted to the NYS Education Department at http://www.nysed.gov/data-privacy-security/report-improper-disclosure by mail to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234; by email to [email protected]; or by telephone at 518-474-0937.
- Shawn Van Scoy, Superintendent of Schools
-
-