Parents Bill of Rights
Parents' Bill of Rights for Data Privacy and Security
In accordance with Education Law Section 2-d, the Red Creek Central School District hereby sets forth the following Parents’ Bill of Rights for Data Privacy and Security, which is applicable to all students and their parents/legal guardians.
- A student's personally identifiable information cannot be sold or released for any commercial purpose. PII, as defined by Education Law § 2-d and FERPA, includes direct identifiers such as a student's name or identification number, parent's name, or address; and indirect identifiers such as a student's date of birth, which when linked to or combined with other information can be used to distinguish or trace a student's identity. Please see FERPA's regulations as 34 CFR 99.3 for a more complete definition.
- In accordance with FERPA, Section 2-d and Board Policy 72400 Student Records: Access and Challenge, parents have the right to inspect and review the complete contents of their child's education record.
- State and federal laws such as Education Law § 2-d; the Commissioner of Education's Regulations at 8 NYCRR Part 121, the Family Educational Rights and Privacy Act ("FERPA") at 12 U.S.C. 1232g (34 CFR Part 99); Children's Online Privacy Protection Act ("COPPA") at 15 U.S.C. 6501-6502 (16 CFR Part 312); Protection of Pupil Rights Amendment ("PPRA") at 20 U.S.C. 1232h (34 CFR Part 98); the Individuals with Disabilities Education Act ("IDEA") at 20 U.S.C. 1400 et seq. (34 CFR Part 300); protect the confidentiality of a student's identifiable information.
- The District has the following safeguards in place to protect student data, including personally identifiable information stored or transferred by the District.
- All databases that have student information are protected by a secure password and login. These logins are monitored and kept up to date.
- Student information is only accessible by those that are deemed warranted of having the information.
- Safeguards associated with industry standards and best practices including, but not limited to: encryption and firewalls in place.
- A complete list of all student data elements collected by NYSED is available at http://www.nysed.gov/common/nysed/files/programs/data-privacy-security/inventory-of-data-elements-collected-by-nysed_0.pdf and by writing to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234.
- Complaints about possible breaches of student data or teacher or principal APPR data must be submitted, in writing, to: Mr. Brian M. Corey, Superintendent of Schools, PO Box 190, Red Creek, New York 13143 Phone: 315-754-2010. Complaints may also be submitted to the NYS Education Department at http://www.nysed.gov/data-privacy-security/report-improper-disclosure by mail to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234; by email to Privacy@NYSED.gov; or by telephone at 518-474-0937.
- To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of PII occurs.
- Educational agency workers that handle PII will receive training on applicable stand and federal laws, policies, and safeguards associated with industry standards and best practices that protect PII.
- Educational agency contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.