Skip To Main Content

Parents Bill of Rights for Data Privacy and Security

Dansville Central School District

Parents' Bill of Rights for Data Privacy and Security 

The Dansville Central School District seeks to use current technology, including electronic storage, retrieval, and analysis of information about students' education experience in the district, to enhance opportunities for learning and to increase the efficiency of our district and school operations. 

 The Dansville Central School District seeks to ensure that parents have information about how the District stores, retrieves, and uses information about students, and to meet all legal requirements for maintaining the privacy and security of protected student data and protected principal and teacher data, including Section 2-d of the New York State Education Law.

To further these goals, the Dansville Central School District has posted this Parents' Bill of Rights for Data Privacy and Security.    

  • A student’s personally identifiable information (PII)  cannot be sold or released for any commercial purpose. 
  • Parents have the right to inspect and review the complete contents of their child’s education record. The procedures for exercising this right can be found in Board Policy #5676 Privacy and Security for Student Data. DCSD Policy Manual.
  • State and federal laws protect the confidentiality of a student’s identifiable information, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred. 
  • A complete list of all student data elements collected by NYSED is available at: https://www.nysed.gov/data-privacy-security/student-data-inventory  and by writing to:  Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234.
  • Parents have the right to have complaints about possible breaches of student data addressed.

 

Supplemental Information Regarding Third-Party Contractors

 

In the course of complying with its obligations under the law and providing educational services to District residents, Dansville Central School District has entered into agreements with certain third-party contractors.  Pursuant to such agreements, third-party contractors may have access to "student data" and/or "teacher or principal data." as those terms are defined by law.

Each contract the District enters into with a third party contractor where the third party contractor receives student data or teacher or principal date will include this Bill of Rights along with the following information:

  1. The exclusive purposes for which the students data or teacher or principal data will be used;
  2. How the third party contractor will ensure that the subcontractors, persons, or entities that the third party contractor will share the student data or teacher or principal data with, if any, will abide by data protection and security requirements.
  3. The duration of the contract including when the agreement expires and what happens to the student data or teacher or principal data upon expiration of the agreement;
  4. If and how a parent, student, eligible student, teacher, or principal may challenge the accuracy of the student data or teacher or principal data that is collected; and
  5. Where the student data or teacher or principal data will be stored (described in such a manner as to protect data security), and the security protection taken to ensure such data will be protected, including whether such data will be encrypted.
  6. Address how the data will be protected using encryption while in motion and at rest.

A list of third party contractors is available at the following link: Dansville SCD Supplemental Information

Data Privacy & Security Policy

Data Privacy Fact Sheet for Parents & Families


PRIVACY AND SECURITY FOR STUDENT DATA AND TEACHER AND PRINCIPAL DATA

The District is committed to maintaining the privacy and security of student data and teacher and principal data and will follow all applicable laws and regulations for the handling and storage of this data in the District and when disclosing or releasing it to others, including, but not limited to, third-party contractors. The District adopts this policy to implement the requirements of Education Law Section 2-d and its implementing regulations, as well as to align the District's data privacy and security practices with the National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1).

Strengthening Student Data Privacy

Here's what parents need to know:

Ed Law 2-D Regulations (Part 121) Protecting Personally Identifiable Information in New York's Educational Agencies*

In January 2019, the New York State Education Department (NYSED) proposed regulatory changes to increase information security and privacy measures to safeguard the Personally identifiable information (PII)** of students and school personnel. The public comment period is open from January 30 to March 31, 2019.

Questions?

Contact NYSED's Chief Privacy Officer at Privacy@NYSED.gov 
nysed.gov/student-data-privacy

* Educational agencies include public schools (including charter schools), school districts, and BOCES.

** Personally Identifiable Information (PII) is information that can be used to identify an individual whether directly (e.g. student’s name; names of parents or family members; address of the student or student’s family; personal identifiers like social security numbers) or indirectly when linked with other information (e.g., date of birth and mother’s maiden name). Visit nysed.gov/student-data-privacy for more information.