Student Data Protection Officer
Tracy Falvo | (518) 399-9141, ext. 85050
Managing student data safely is a complicated issue that our school district takes very seriously. However, we begin this case study with the caveat that we are NOT experts in this area. We are practitioners who are trying to manage a constantly evolving field. It is a challenge to stay informed and up to date on best practice in this ever-changing landscape, but the threat of not addressing these issues is potentially severe. At BH-BL, we address the issue on multiple fronts. In order to better understand our approach, it is helpful to discuss the concept of student data protection using this diagram.
Where is sensitive student data kept?
The lock in the middle represents the location of all of the important and sensitive information that we collect on our students and staff in order to function effectively as a school district. This includes the following data: demographics, academics, attendance, disabilities, discipline, health, free and reduced lunch, and transportation. This data is held securely in servers that are protected by state-of-the-art firewalls and disaster recovery procedures. Much of this data is in highly secure servers at the Northeast Regional Information Center (NERIC). Some of the data is housed in secure servers inside the district. eSD is now cloud hosted with the vendor.
Is student data shared?
Yes. Student data that is collected and secured by the district is shared outside of this protected area in two ways:
Data is shared with New York State
New York State requires that we share some student and staff data with NYSED for a variety of reasons. Our Chief Information Officer (CIO) carefully maps the data that is requested to the corresponding fields in our secure databases and pushes that data to the NYS Data Warehouse. This process is overseen and “certified” by the Superintendent of Schools. The data pushed to the Data Warehouse is maintained securely (details of security protocol). The exact data fields requested by NYSED change periodically. These changes are monitored by our Student Protection Officer, who makes an annual report to the Board of Education. Any substantive changes in reporting requirements are brought to the Board of Education on an as-needed basis. NYS publishes a list of the fields being pushed to the NYS Data Warehouse.
Data is shared with approved third party vendors
There are many software applications that require the input of limited student data in order to function effectively. When we share student data with a third party vendor, the following three principles are followed:
- The vendor/application must be approved by the Data Protection Officer as compliant with federal and state privacy laws. The process is as follows:
  - Staff members submit the software for approval by the district.
  - The Data Protection Officer uses multiple sources of information (including the RIC ONE Data Privacy and Security Service; The Privacy Evaluation Initiative Consortium and DATAG) to make a judgement as to the level of compliance of the vendor.
  - Software and apps that are reviewed (or in the process of being reviewed) are made available to staff in our BHBL App Catalog.
- Once a vendor is approved by the district, the district shares the minimal amount of data necessary for the software to function effectively.
- Any data transferred to a third party vendor must be transferred through a secure networking protocol.
Reporting Required by the NYS Education Department
- Inventory of Data Elements Collected by NYSED
  - This document lists all of the data elements required by NYS.
  - After consideration and review, the District submits all required elements that apply to the District and uses the NYS templates through NERIC which are more categorized.
- 2019-20 SIRS Reporting Timeline
  - All data needs to be certified by the Superintendent of Schools.
  - This memo provides reporting requirements and dates of certification.
- Reporting 2019-20 School Year Data Memo
  - This memo highlights revisions and additions of data collection requirements and could be referenced for data collection clarification.
  - The definitions are aligned with Federal reporting requirements.
- NYS Student Information Repository System (SIRS) Manual
What do we see as areas of need for school districts?
This is our list of immediate needs. We think that this question warrants further discussion and the aggregate list could inform NYSED efforts in this area.
- Help us to evaluate/assess privacy policies of 3rd Party vendors at the NY state or BOCES level so that we can more efficiently approve them on the local level. Perhaps a global scale or rating system?
- Help us specifically with Google. It has become a major ecosystem in NYS K-12 education but it is difficult to ensure that it is compliant with the necessary federal and state privacy laws.
- Develop a network of Student Data Protection Officers similar to the DATAG CIO Listserv.
Family Educational Rights & Privacy Act (FERPA)
The district complies with the Family Educational Rights and Privacy Act (FERPA). Parents and 18-year-old students may inspect official records relating to them including progress reports, grades, aptitude and achievement test scores, psychological tests, and teacher evaluations. A record may be challenged by parents or 18-year-olds when they believe it to be inaccurate or misleading. The principal may remove designated material if in agreement with the challenge. Definitions of school official and additional procedures under FERPA can be found in the Board of Education Policy Manual.
Individual student records are confidential and are not released to colleges, employers, or elsewhere without written permission, subject to the following exceptions. District schools may forward educational records to other schools that have requested them and in which a BH-BL student seeks or intends to enroll. What the law refers to as directory information may be made public for school purposes unless a parent informs us in writing that they do not want this information made public. Directory information that we may make public includes: a student’s name, address, phone number, grade level, honor or award received, dates of attendance, photograph, age, membership in a school athletic team, activity or club, and (for athletes only) height and weight. Directory information is primarily made public so that students’ accomplishments can be included in various publications such as a concert program, yearbook, or honor roll.
As required by federal law, the high school provides a list of senior class member names, addresses and phone numbers to the military services—unless parents inform the high school principal in writing by September 15 that they do not want their child included in such lists.
Parents and 18-year-old students have the right to opt out of the disclosure of directory information by contacting their school principal. Parents should also inform the Superintendent if they do not wish their child’s likeness to be included on the district website, Facebook page or in occasional photos or videos taken by the media or district staff for school-related purposes.
Also, in accordance with the federal Protection of Pupil Rights amendment, the district hereby notifies parents that our schools may occasionally conduct student surveys that touch on topics such as political affiliation, income, or beliefs or religious practices of the student. In such cases, a letter will be sent home explaining parent rights to opt a child out from such a survey before it is conducted.
Questions about school policies in connection with family rights and privacy laws can be addressed to building principals or the Superintendent.
The NYS Education Department’s Education Law §2-d Bill of Rights for Data Privacy and Security
The BH-BL School District is committed to ensuring student privacy in accordance with local, state and federal regulations and district policies. To this end and pursuant to U.S. Department of Education (DOE) regulations (Education Law §2-d), the district is providing the following Parents’ Bill of Rights for Data Privacy and Security. Parents and eligible students¹ can expect the following:
- A student’s personally identifiable information (PII)² cannot be sold or released for any commercial purpose.
- The right to inspect and review the complete contents of the student’s education record stored or maintained by an educational agency.
- State and federal laws,³ such as NYS Education Law §2-d and the Family Educational Rights and Privacy Act, that protect the confidentiality of a student’s PII, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred.
- A complete list of all student data elements collected by NYSED is available for public review at www.nysed.gov/data-privacy-security, and by writing to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234.
- The right to have complaints about possible breaches and unauthorized disclosures of student data addressed. Complaints should be directed to: Data Protection Officer Tracy Falvo, BH-BL High School, 88 Lakehill Road, Burnt Hills, NY 12027. (518) 399-9141, ext. 85050 or firstname.lastname@example.org. Complaints may be submitted to NYSED online at www.nysed.gov/data-privacy-security, by mail to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234, by email to email@example.com, or by telephone at 518-474-0937.
- To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of their student’s PII occurs.
- BH-BL School District staff that handle PII will receive training on applicable state and federal laws, the District’s policies, and safeguards associated with industry standards and best practices that protect PII.
- BH-BL School District contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.
¹ “Parent” means a parent, legal guardian, or person in parental relation to a student. These rights may not apply to parents of eligible students defined as a student eighteen years or older. “Eligible Student” means a student 18 years and older.
² “Personally identifiable information,” as applied to student data, means personally identifiable information as defined in section 99.3 of title thirty-four of the code of federal regulations implementing the family educational rights and privacy act, section twelve hundred thirty-two-g of title twenty of the United States code, and, as applied to teacher or principal data, means “personally identifying information” as such term is used in subdivision ten of section three thousand twelve-c of this chapter.
³ Information about other state and federal laws that protect student data such as the Children’s Online Privacy Protection Act, the Protection of Pupil Rights Amendment, and NY’s Personal Privacy Protection Law can be found at http://www.nysed.gov/student-data-privacy/federal-laws-protect-student-data.
More information is also available on the following websites:
- NYSED Data Privacy Resources
- Student Privacy Pledge
- New York State Education Department Parents Bill of Rights
- Education Law 2-D
- NYSED: Data Privacy FAQs
- U.S. Department of Education press release: Guidance for Schools Issued on How to Keep Parents Better Informed on the Data They Collect on Students
- Privacy Technical Assistance Center (PTAC): newly established one-stop resource for education stakeholders to learn about data privacy.
The purpose of the New York State Student Information Repository System (SIRS) is to provide a single source of standardized individual student records for analysis at the local, regional, and State levels to improve student performance, and to meet State and federal reporting and accountability requirements. Data in the repository are available only to users with a legitimate educational interest. Local Education Agencies (LEAs) must use this system to report certain data to the New York State Education Department (NYSED).
Personally identifiable data in SIRS are available only to users with a legitimate educational interest.
Components of SIRS
- Level 0 is a web-based application hosted by a Level 1 data center. It provides LEAs with the ability to enter (or load) and validate data against New York State (NYS) data collection formatting and business rules. Validated data is exported from Level 0 in a format that can be loaded directly into the Level 1 repository.
- Level 1 consists of Data Warehouses operated by a Level 1 data center or a Big 5 school district. Each Level 1 center establishes its own schedule for loading data to Level 1.
- The Level 2 Repository is a single statewide data warehouse where all required student data from Level 1 are combined. This level holds records for all students, teachers, and non-teaching professionals. Level 2 provides data for many purposes including, but not limited to, developing The New York State School Report Card; determining the accountability status of public and charter schools and districts; reporting Institutional Master File (IMF) and Personnel Master File (PMF) data; determining teacher and principal accountability; linking student data with those of teachers and principals; meeting federal reporting requirements; informing policy decisions; and meeting other State needs for individual student data.
- Level 0 Historical is an application that provides the sole process for updating individual student and Staff Evaluation historical data that currently resides in the data warehouse. Historical records are defined as any data warehouse record submitted prior to the current school year.