New York State Education Law §2-d Part 121 of the Commissioner’s Regulations requires that each educational agency shall publish their Data Security and Privacy Policy and their Parents' Bill of Rights for Data Privacy and Security. 

 

The law also requires that with each contract an educational agency enters with a third-party contractor, that receives personally identifiable information (PII), must contain a signed bill of rights and supplemental information. In turn, each educational agency will have to publish, on its website, the signed parent’s bill of rights and supplemental information to the bill of rights for each software contract.

 

 

Name: Barb Tasber

Email: [email protected]

Phone: 607-655-8215

Mailing Address: 1191 NY Route 79 Windsor, NY

 

 

Data Security and Privacy Policy: https://www.windsor-csd.org/Downloads/4240%20Data%20Security%20%20Privacy%20Policy%20(Ed%20Law%202-d)2.pdf

 

Parent Bill of Rights: Parent Bill of Rights Windsor

 

Disclosure Complaint Form: Windsor-Unauthorized-Disclosure-Complaint-Form-ADA

 

RIC One is comprised of 12 Regional Information Centers in New York State. These RICs work together with the State Education department to develop and provide services to school districts. The RIC One Data Privacy and Security (DPS) initiative supports district compliance with New York State's Common Core Reform Act, Education Law 2-d and Part 121 Regulations. One of the items created to help assist districts was the Data Privacy Inventory Tool or DPIT.

 

 

The Data Privacy Inventory Tool compiles a list of district software as required by Education Law §2-d Part 121 Regulations. It provides a means for sharing our parents' bill of rights, supplemental information and compliance with components of the NIST Cybersecurity Framework. 

 

Contract Source: How the software product is procured; either BOCES, District, or District - Free

Supporting Documentation: Document links or attachments to signed parent's bill or rights and supplemental information   

 

Note: Information posted in the data privacy inventory tool is continually updated.

 

 The Windsor CSD CONTRACTS: https://dpit.riconedpss.org/supplemental-information/02d9d2af98c045c002f6

Family Educational Rights and Privacy Act (FERPA)(link is external) – The foundational federal law on the privacy of students’ educational records, FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.

Protection of Pupil Rights Amendment (PPRA)(link is external) – PPRA defines the rules states and school districts must follow when administering tools like surveys, analysis, and evaluations funded by the US Department of Education to students. It requires parental approval to administer many such tools and ensures that school districts have policies in place regarding how the data collected through these tools can be used.

Children's Online Privacy Protection Rule (COPPA)(link is external) – COPPA imposes certain requirements on operators of websites, games, mobile apps or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.