Skip to main content

Wyandanch Union Free School District

We Are Rising

Schools

Popular Links

  1. Departments
  2. Support Operations
  3. Student Data & Privacy

Student Data & Privacy

Student Data Protection

Managing student data safely is a complicated issue that our school district takes very seriously. However, we want to be clear that we are NOT experts in this area. We are practitioners who are trying to manage a constantly evolving field. It is a challenge to stay informed and up to date on best practice in this ever-changing landscape- but the threat of not addressing these issues is potentially severe. In Wyandanch, we address the issue on multiple fronts. 

Where is sensitive student data kept?

The district utilizes Infinite Campus as the location of all of the important and sensitive information that we collect on our students and staff in order to function effectively as a school district. This includes the following data: demographics, academics, attendance, disabilities, discipline, health, free and reduced lunch, and transportation. This data is held securely in servers that are protected by state of the art firewalls and disaster recovery procedures. Much of this data is in highly secure servers at Eastern Suffolk BOCES (ESBOCES). Some of the data is housed in secure servers inside the district. 

Is student data shared?

Yes. Student data that is collected and secured by the district is shared outside of this protected area in two ways:

Data is shared with New York State

New York State requires that we share some of the student and staff data with NYSED for a variety of reasons. Our Chief Information Officer (CIO) carefully maps the data that is requested to the corresponding fields in our secure databases and pushes that data to the NYS Data Warehouse. This process is overseen and “certified” by the Superintendent of Schools. The data pushed to the Data Warehouse is maintained securely. The exact data fields requested by NYSED change periodically. These changes are monitored by our District Privacy Officer. Any substantive changes in reporting requirements are brought to the Board of Education on an as-needed basis. NYS publishes a list of the fields being pushed to the NYS Data Warehouse.

Data is shared with approved third-party vendors

There are many software applications that require the input of limited student data in order to function effectively. When we share student data with a third party vendor, the following three principles are followed:

  1. The vendor/application must be approved by the Data Protection Officer as compliant with federal and state privacy laws. The process is as follows:

    • Staff members submit the software for approval by the district through Trouble Trakker.

    • The District Privacy Officer uses multiple sources of information (including the RIC ONE Data Privacy and Security Service and DATAG) to make a judgment as to the level of compliance of the vendor.

    • Software and Apps that are reviewed (or in process of being reviewed) are made available to staff.

  2. Once a vendor is approved by the district, the district shares the minimal amount of data necessary for the software to function effectively.

  3. Any data transferred to a third party vendor must be transferred through a secure networking protocol.

 

Reporting Required by the NYS Education Department

 

Family Educational Rights & Privacy Act (FERPA)

The district complies with the Family Educational Rights and Privacy Act (FERPA). Parents and 18-year-old students may inspect official records relating to them including progress reports, grades, aptitude and achievement test scores, psychological tests, and teacher evaluations. A record may be challenged by parents or 18-year-olds when they believe it to be inaccurate or misleading. The principal may remove designated material if in agreement with the challenge. Definitions of a school official and additional procedures under FERPA can be found in the Board of Education Policy Manual.

Individual student records are confidential and are not released to colleges, employers, or elsewhere without written permission, subject to the following exceptions. District schools may forward educational records to other schools that have requested them and in which a BH-BL student seeks or intends to enroll. What the law refers to as directory information may be made public for school purposes unless a parent informs us in writing that they do not want this information made public. Directory information that we may make public includes a student’s name, address, phone number, grade level, honor or award received, dates of attendance, photograph, age, membership in a school athletic team, activity or club, and (for athletes only) height and weight. Directory information is primarily made public so that students’ accomplishments can be included in various publications such as a concert program, yearbook, or honor roll.

As required by federal law, the high school provides a list of senior class member names, addresses, and phone numbers to the military services—unless parents inform the high school principal in writing by September 15 that they do not want their child included in such lists.

Parents and 18-year-old students have the right to opt-out of the disclosure of directory information by contacting their school principal. Parents should also inform the Superintendent if they do not wish their child’s likeness to be included on the district website, Facebook page, or in occasional photos or videos taken by the media or district staff for school-related purposes.

Also, in accordance with the federal Protection of Pupil Rights Amendment, the district hereby notifies parents that our schools may occasionally conduct student surveys that touch on topics such as political affiliation, income, or beliefs or religious practices of the student. In such cases, a letter will be sent home explaining parent rights to opt a child out from such a survey before it is conducted.

Questions about school policies in connection with family rights and privacy laws can be addressed to building principals or the Superintendent.

The NYS Education Department’s Education Law §2-d Bill of Rights for Data Privacy and Security

The Wyandanch Union Free School District is committed to ensuring student privacy in accordance with local, state, and federal regulations and district policies. To this end and pursuant to the U.S. Department of Education (DOE) regulations (Education Law §2-d), the district is providing the following Parents’ Bill of Rights for Data Privacy and Security. Parents and eligible students can expect the following:

1) A  student’s personally identifiable information cannot be sold or released for any commercial purposes.      

2) Parents have the right to inspect and review the complete contents of their child’s education record.      

3) Existing state and federal laws, and safeguards such as encryption,  firewalls,  protect the confidentiality of a student’s personally identifiable information, and password protection must be in place when data is stored or transferred.      

4) A  complete list of all student data elements collected by the  State  Education  Department is available for public review, or by writing to the office of Information & Reporting Services, New York State Education Department, Room  863 EBA, 89 Washington Avenue, Albany, NY  12234.      

5) Parents have the right to file complaints about possible breaches of student data.  Parents may submit a complaint regarding a potential breach by the District to Dr. Christine Jordan, Assistant to the Superintendent for Administrative and Instructional Accountability, Wyandanch Union  Free  School  District,  1445 Dr. Martin  L.  King,  Jr.  Blvd.,  Wyandanch, NY 11798.  Complaints pertaining to the State Education Department or one of its third-party vendors should be directed in writing to the  Chief Privacy Officer, New York  State  Education  Department,  89  Washington  Avenue,  Albany,  NY  12234,  or email to  CPO@mail.nysed.gov.    The complaint process is under development and will be established through regulations to be proposed by the State Education Department’s Chief Privacy Officer.      

6) The State Education Department’s Chief Privacy Officer will develop additional elements for this  Parents’ Bill of Rights, which will be prescribed in Regulations of the Commissioner and updated by the District accordingly.      

7) Upon the adoption of regulations and guidance from the State Education Department, as required by Education Law 2‐d(3)(d) and 2‐d(5)(a‐b), if the District enters into a contract with a third party,  supplemental information for each such contract will be appended to this Parents’ Bill of Rights.      

8) Parents may access the  State  Education  Department’s  Parents’  Bill of Rights

  • “Parent” means a parent, legal guardian, or person in parental relation to a student. These rights may not apply to parents of eligible students defined as a student eighteen years or older. “Eligible Student” means a student 18 years and older.

  • “Personally identifiable information,” as applied to student data, means personally identifiable information as defined in section 99.3 of title thirty-four of the code of federal regulations implementing the family educational rights and privacy act, section twelve hundred thirty-two-g of title twenty of the United States Code, and, as applied to the teacher or principal data, means “personally identifying information” as such term is used in subdivision ten of section three thousand twelve-c of this chapter.

  • Information about other state and federal laws that protect student data such as the Children’s Online Privacy Protection Act, the Protection of Pupil Rights Amendment, and NY’s Personal Privacy Protection Law can be found

 

More information is also available on the following websites:

 

Overview of the Data Warehouse – Student Information Repository System (SIRS)

The purpose of the New York State Student Information Repository System (SIRS) is to provide a single source of standardized individual student records for analysis at the local, regional, and State levels to improve student performance and to meet state and federal reporting and accountability requirements. Data in the repository are available only to users with a legitimate educational interest. Local Education Agencies (LEAs) must use this system to report certain data to the New York State Education Department (NYSED).

Personally identifiable data in SIRS are available only to users with a legitimate educational interest.

Components of SIRS

  • Level 0 is a web-based application hosted by a Level 1 data center. It provides LEAs with the ability to enter (or load) and validate data against New York State (NYS) data collection formatting and business rules. Validated data is exported from Level 0 in a format that can be loaded directly into the Level 1 repository.

  • Level 1 consists of Data Warehouses operated by a Level 1 data center or a Big 5 school district. Each Level 1 center establishes its own schedule for loading data to Level 1.

  • The Level 2 Repository is a single statewide data warehouse where all required student data from Level 1 are combined. This level holds records for all students, teachers, and non-teaching professionals. Level 2 provides data for many purposes including, but not limited to, developing The New York State School Report Card; determining the accountability status of public and charter schools and districts; reporting Institutional Master File (IMF) and Personnel Master File (PMF) data; determining teacher and principal accountability; linking student data with those of teachers and principals; meeting federal reporting requirements; informing policy decisions, and meeting other State needs for individual student data.

  • Level 0 Historical is an application that provides the sole process for updating individual student and Staff Evaluation historical data that currently resides in the data warehouse. Historical records are defined as any data warehouse record submitted prior to the current school year.

 

District Privacy Officer
Dr. Christine Jordan
(631) 870-0510
Email Dr. Christine Jordan

 

The New York State Education Department developed a Parent Dashboard to increase transparency and make school-level data easier for parents and the public to access. Find information about your child’s school and provide feedback

 

Resources

RICone Data Privacy & Security

Statewide Vendor Contracts

ESBOCES/RIC Supplemental Information

District Privacy Officer Objective

Established by administrative regulation, the Student Data Protection Officer monitors all issues related to the protection of student data collected as part of district operations.

Scope

The District Privacy Officer is also the Chief Information Officer (CIO) for the district. The District Privacy Officer is a title that is added to the existing responsibilities of an existing employee. As such, the District Privacy Officer’s direct supervisor is determined by his or her primary role within the district. However, all duties and responsibilities specifically related to the role of District Privacy Officer will be overseen directly by the Superintendent of Schools.

Responsibilities

  • Monitor data that the School District is required to submit to the New York State Education Department (NYSED) or to any NYSED sanctioned outside entity.

  • Make a report in public session once a year that informs the public of the data that the School District is required to submit to the New York State Education Department (NYSED) or to any NYSED sanctioned outside entity.

  • Notify the Superintendent of Schools and the Board of Education whenever the NYSED or any other outside agency sanctioned by NYSED requests additional data/data fields from the School District.

  • Ensure that the district is complying with all Federal and State requirements for data privacy and parental notification/opt-out procedures.

  • Train all staff annually on issues related to data privacy and security.