Data Security and Privacy Overview
The Portland Public School District is committed to protecting the privacy of its students, faculty and staff. The district complies with State and Federal legislative regulations such as the new Act Concerning Student Data Privacy (PA:16-189) and the Family Educational Rights and Privacy Act (FERPA). In that effort, instructional and curricular resources are selected and procured with data security as a key criteria element, insuring students an effective yet safe educational experience. Portland Public Schools works to invest in and develop policies and practices that give our students and staff members powerful and safe educational experiences both online and in our classrooms.
Effective October 1, 2016 the State of Connecticut student privacy law PA 16-189 goes into effect. Portland is in the process of working with all publishers whose products are used by the district, that fall under the privacy legislation to obtain contract modifications to insure the suppliers are compliant with the law.
The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. FERPA was originally passed in 1974, updated most recently in 2011. Here is the legislative history of FERPA. The law applies to all schools that receive funds from the U.S. Department of Education. FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.
Key Privacy Rights under FERPA:
FERPA requires that federally funded institutions, under programs administered by the U.S. Department of Education, comply with certain procedures with regard to disclosing and maintaining educational records. FERPA was not enacted to preclude the disclosure of educational records simply because the records identify a student by name; rather, it was designed to protect the student’s educational information and status as a student
FERPA prohibits the disclosure of a student’s “protected information” to a third party. This disclosure is prohibited whether it is made by hand delivery, verbally, fax, mail, or electronic transmission.
General Overview of FERPA: Quick Guide to FERPA from the Department of Education
The primary goal of the Children’s Online Privacy Protection Act (COPPA) is to place parents in control over what information is collected from their young children online.The Act was passed by the U.S. Congress in 1998 and took effect in April 2000. COPPA was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13. The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children.
When: Key Privacy Rights under COPPA:
The primary goal of COPPA is to place parents in control over what information is collected from their young children online. The Rule was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13.
Detailed Overview of COPPA:Complying with COPPA: Frequently Asked Questions-Federal Trade Commission
For the Full COPPA Rule: US Government Publishing Office Electronic Code of Federal Regulations-COPPA
Public Act 16-189
On June 9, 2016, Governor Malloy signed into law Public Act 16-189 an act concerning student data privacy for the State of Connecticut. The Act’s requirements are effective October 1, 2016. Connecticut Public Act No. 16-189 “Sits on top of” (in addition to) FERPA law and is comprehensive in nature and incorporates several provisions to protect the privacy of student information including;
Restricting how student information may be used by entities that contract to provide educational software and electronic storage of student records and by operators of websites, online services, or mobile applications (i.e., apps)
Clarifying that student data collected for school purposes is not owned by any of these third-party contractors
Requiring local boards of education to notify parents when they execute a new contract with a software, data storage, or internet service provider
Stipulating data security and privacy provisions that must figure in all contracts between local school districts and software, data storage, and internet service providers.
Requiring school districts to withhold the release of student directory information if the local or regional board of education determines that a request for such information is not related to school purposes.
For the Full PA16-189 Rule: Connecticut General Assembly