student online personal protection act | (SOPPA)
🔐 We are committed to protecting the information security of Brookwood 167
students in accordance with the Student Online Personal Protection Act.
purpose
The state SOPPA law requires school Districts to adopt a policy regarding the use of education technology products or applications. SOPPA is intended to ensure that student data will be protected when it is collected by educational technology companies and that the data may be used for beneficial purposes such as providing learning and innovative educational technologies.
SOPPA Requires, that school Districts only use educational technologies that meet the following criteria:
- have been approved under this policy;
- all agreements between the Board and the provider are posted on District’s website;
- and all of the data elements are listed on the District’s website regardless if the Board pays for the tools or they are provided free of charge.
Student Data Privacy Consortium (SDPC)
Student Data Privacy Consortium (SDPC) is an unique collaborative of schools, districts, divisions, regional, territories and state agencies, policy makers, trade organizations and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns. The Consortium also leverages work done by numerous partner organizations but focuses on issues being faced by “on-the-ground” practitioners.
district requirements
The following is a high-level overview of the new requirements. Please refer to the legislation for specific timelines and components of each element.
Annually post all data elements that the school collects, maintains, or discloses to any entity. This information must also explain how the school uses the data, and to whom and why it discloses the data.
Annually post a list of all operators of online services or applications utilized by the District.
Post contracts for each operator within ten (10) days of signing.
Post the process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE.
Annually post subcontractors for each operator.
Post data breaches within ten (10) days and notify parents within thirty (30) days.
Designate a Privacy Officer to ensure compliance.
Create a policy for who can sign contracts with operators.
Maintain reasonable security procedures and practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.
Family Educational Rights & Privacy Act (FERPA)
🔐 FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds from the U.S. Department of Education.
FERPA gives parents certain rights with respect to their children’s education records.
These rights transfer to the student when he or she reaches the age of eighteen (18) or attends a school beyond the high school level. (read more…)
Children's Online Privacy Protection Act (COPPA)
🔐 The primary goal of COPPA is to place parents in control over what information is collected from their young children online. COPPA was designed to protect children under age thirteen (13) while accounting for the dynamic nature of the Internet.
The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under thirteen (13) that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under thirteen (13).
The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children. (read more…)
Children's Internet Protection Act (CIPA)
🔐 CIPA was enacted by Congress in 2000 to address concerns about children’s access to obscene or harmful content over the Internet.
CIPA imposes certain requirements on schools or libraries that receive discounts for Internet access or internal connections through the E-rate program. (read more…)
Protection of Pupil Rights Amendment (PPRA)
🔐 The Protection of Pupil Rights Amendment (PPRA) applies to the programs and activities of a State Education Agency (SEA), Local Education Agency (LEA), or other recipient of funds under any program funded by the U.S. Department of Education.
It governs the administration to students of a survey, analysis, or evaluation that concerns one or more of the following eight (8) protected areas:
- political affiliations or beliefs of the student or the student’s parent;
- mental or psychological problems of the student or the student’s family;
- sex behavior or attitudes;
- illegal, anti-social, self-incriminating, or demeaning behavior;
- critical appraisals of other individuals with whom respondents have close family relationships;
- legally recognized privileged or analogous relationships, such as those of lawyers, physicians, and ministers;
- religious practices, affiliations, or beliefs of the student or student’s parent; or
- income (other than that required by law to determine eligibility for participation in a program or for receiving financial assistance under such program).
