- A student’s personally identifiable information cannot be sold or released for any commercial or marketing purposes.
- Parents have the right to inspect and review the complete contents of their child’s education record, including any student data maintained by the Guilderland Central School District. This right of inspection of records is consistent with the federal Family Educational Rights and Privacy Act (FERPA). Under the more recently adopted regulations (Education Law §2-d), the rights of inspection are extended to include data, meaning parents have the right to inspect or receive copies of any data in their child’s educational record. The New York State Education Department (SED) will develop further policies and procedures related to these rights in the future.
- State and federal laws protect the confidentiality of personally identifiable information and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls and password protection, must be in place when data is stored or transferred.
- A complete list of all student data elements collected by the state is available for public review. Parents may ask to obtain a copy of this list by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, N.Y. 12234.
- Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed to: GCSD Coordinator for Data & Information Michael Bastian, 8 School Road, P.O. Box 18, Guilderland Center, NY 12085, 518-456-6200, ext. 3105, firstname.lastname@example.org. Complaints to SED should be directed to: Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234, email@example.com. SED’s complaint process is under development and will be established through regulations from the department’s chief privacy officer, who has yet to be appointed.
Additional student data privacy information
This bill of rights is subject to change based on regulations of the commissioner of education and the SED chief privacy officer, as well as emerging guidance documents from SED. For example, these changes/additions will include requirements for districts to share information about third-party contractors that have access to student data, including:
- How the student, teacher or principal data will be used;
- How the third-party contractors (and any subcontractors/ others with access to the data) will abide by data protection and security requirements;
- What will happen to data when agreements with third-party contractors expire;
- If and how parents, eligible students, teachers or principals may challenge the accuracy of data that is collected; and
- Where data will be stored to ensure security and the security precautions taken to ensure the data is protected, including whether the data will be encrypted.