- Data Protection Regulation Information
- NSD80 Approved Online Services
- NSD80 Do Not Use Services Listing
- Digital Privacy Agreements (DPA)
- Inspect, Review, or Correct Information
- How is our approved list of services maintained?
- Data Breech Info
Student Online Personal Protection Act (SOPPA)
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).
DISTRICT REQUIREMENTS Below is a high-level overview of the new requirements. Please refer to the legislation for specific timelines and components of each element. School districts must:
4. Annually post subcontractors for each operator.
5. Post the process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE.
6. Post data breaches within 10 days and notify parents within 30 days.
7. Create a policy for who can sign contracts with operators.
8. Designate a privacy officer to ensure compliance.
9. Maintain reasonable security procedures and practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.
Family Educational Rights and Privacy Act (FERPA)
FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds from the U.S. Department of Education. FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.
Children’s Online Privacy Protection Act (COPPA)
The primary goal of COPPA is to place parents in control over what information is collected from their young children online. COPPA was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13. The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children. Read more
Children’s Internet Protection Act (CIPA)
CIPA was enacted by Congress in 2000 to address concerns about children’s access to obscene or harmful content over the Internet. CIPA imposes certain requirements on schools or libraries that receive discounts for Internet access or internal connections through the E-rate program. Read more
Protection of Pupil Rights Amendment (PPRA)
PPRA is intended to protect the rights of parents and students in two ways:
- It seeks to ensure that schools and contractors make instructional materials available for inspection by parents if those materials will be used in connection with an ED-funded survey, analysis, or evaluation in which their children participate; and
- It seeks to ensure that schools and contractors obtain written parental consent before minor students are required to participate in any ED-funded survey, analysis, or evaluation that reveals certain information.
PPRA applies to programs that receive funding from the U.S. Department of Education. Read more
Digital Privacy Agreements (DPA) are agreements between Norridge School District #80 and providers that detail how student data is to be handled.
If you would like to view the Digital Privacy Agreements (DPA) that Norridge School District #80 currently holds, please go to the online database where records are stored at https://sdpc.a4l.org/district_search_national.php?districtID=5789
Teachers, request a new DPA for an online resource at https://sdpc.a4l.org/new_request.php?districtID=5789
Parents or guardians interested in inspecting, reviewing, or correcting information maintained by the District should contact John Jobe, Director of Technology, at email@example.com 8151 W. Lawrence Ave., Norridge, IL 60706 to schedule an in person appointment. Mr. Jobe will assist parents/guardians with inspecting and reviewing data on a school owned device within the school. Any requested modification will be noted and submitted to school administration for approval. Parents or guardians will receive notification as to whether requested corrections were approved within 15 business days.
The Director of Technology may execute contracts with service providers. The Director of Technology is responsible to add or update information for each provider within 10 days of entering a new DPA contract.
Contact John Jobe, Director of Technology for NSD80, via email at firstname.lastname@example.org