What does this mean? It means that this law takes effect on July 1, 2021, and we as a school district must list on our website all digital service providers, apps, and learning platforms that collect student data from us in their systems; have a signed data privacy agreement (DPA) with each vendor; provide a mechanism for parents to exercise their rights regarding their student's data; and provide notification of data breaches.
SOPPA affects and addresses what is known as PII or Personal Identifiable Information. Some examples of PII may include:
- Full Name
- Email Address
- Home Address/Phone Number
- Grades
- Socioeconomic Information
- Test Results
- Photos
- Medical Records
So, what does this mean for Barrington 220? This means that the Technology and Innovation Department is working diligently to bring the district into compliance with all of its digital curriculum, apps, service providers, and web-based learning platforms. In many ways we are already compliant, but we need to display our compliance on our website and work with service providers to agree to our data privacy agreements.
We are currently ensuring that each of our vendors meet SOPPA compliance. A vendor or provider is “SOPPA-compliant” if it is:
- Not using data for targeted ads.
- Not profiling students except in furtherance of school purposes.
- Not settling or renting student information.
- Not disclosing information unless required by law or as part of maintenance and development of service.
- Using reasonable security practices.
- Deleting student data when requested.
- Publicly disclosing information about its use, terms of service, agreement, and privacy policy.
In the meantime, if you are interested in more information about SOPPA, you can access these resources:
No comments:
Post a Comment