- Great Neck Public Schools
- Data Privacy and Security
Office of Instructional Technology - Data Privacy and Security
-
Data privacy and security are critical issues in today's technology-driven world. We understand the importance of protecting the personal information of our students, faculty, and staff and are committed to ensuring that all personal data is kept safe and secure, and that we comply with all applicable laws and regulations related to data privacy and security.
As part of our commitment to data privacy, we have implemented a range of measures to safeguard personal information. This includes using secure networks, implementing strong password policies, and regularly reviewing our security protocols to identify and address any vulnerabilities. We also train our staff on best practices for working with sensitive data to ensure that they are equipped to handle it appropriately. By prioritizing data privacy and security, we can create a safe and trustworthy digital environment for our students, faculty, and staff, and continue to provide high-quality education and services to our community.
Please refer to the information below to find more specific information regarding federal laws and district policies related to data privacy and security.
-
What is New York State Education Law 2-D?
NYS Ed Law 2D pertains to the unauthorized release of personally identifiable information (PII).
The Board of Regents adopted Part 121 of the Regulations of the Commissioner of Education on January 13, 2020. These rules will implement Education Law Section 2-D and provide guidance to educational agencies and their third-party contractors on ways to strengthen data privacy and security to protect student data and teachers' annual professional performance review data. The regulation went through multiple sets of revisions and three rounds of public comments. It applies to both charter and traditional public schools.
PII includes, but is not limited to:
- The student’s name;
- The name of the student’s parent or other family members;
- The address of the student or student’s family;
- A personal identifier, such as the student’s social security number, student number, or biometric record;
- Other indirect identifiers, such as the student’s date of birth, place of birth, and mother’s maiden name;
- Other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty; or
- Information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates.
The confidentiality and privacy provisions do not apply to de-identified data (e.g., data regarding students that uses random identifiers), aggregated data (e.g., data reported at the school district level) or anonymized data that could not be used to identify a particular student.
-
Information Security or Data Privacy Breach Complaint Submission Procedures
Report an Improper Disclosure to Great Neck Public Schools:
If a parent, adult student, principal or teacher believes that there has been a data breach or improper disclosure of PII, the complaint should be submitted using the GNPS Improper Disclosure Reporting Form.
Parents/guardians may also choose to submit a written complaint regarding a potential breach by the Great Neck Public Schools to the Superintendent of Great Neck Public Schools, 345 Lakeville Road, Great Neck, NY 11020
Parents may also choose to contact the District's Data Protection Officer, Joseph Cangialosi, at jcangialosi@greatneck.k12.ny.us
Report an Improper Disclosure through NYSED Data Privacy and Security:
Complaints can also be directed to the New York State Education Department online at http://www.nysed.gov/data-privacy-security/report-improper-disclosure, by mail to the Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 11234, by email to privacy@mail.nysed.gov or by telephone at 518-474-0937.
-
Parents' Bill of Rights and Data Privacy and Security Policies
Parents’ Bill of Rights for Data Privacy and Security
Great Neck Public Schools is committed to protecting the privacy and security of each and every student’s data. Parents should be aware of the following rights they have concerning their child’s data.
Board of Education Policy #8625 Privacy and Security For Student, Teacher, and Principal Data
The Board of Education recognizes its responsibility to enact policies that provide privacy for student, teacher, and principal data in accordance with the law. This is particularly relevant in the context of the administration of student data which is collected, surveys that collect personal information, the disclosure of personal information for marketing purposes, and in conducting physical exams.
View Great Neck Public Schools Board of Education Policy #8625 Information and Data Privacy Security Policy
Board of Education Policy # 8635 Information and Data Privacy, Security Breach and Notification
The Board of Education of the Great Neck Public Schools acknowledges the growing concern regarding the rise in identity theft, the need for secure networks as well as prompt notification when any computer security breach occurs.View Great Neck Public Schools Board of Education Policy #8635 Information and Data Privacy, Security Breach and Notification
NYSED Data Security and Privacy Policy
This policy addresses NYS Education Department’s (the Department or SED) responsibility to adopt appropriate administrative, technical, and physical safeguards and controls to protect and maintain the confidentiality, integrity, and availability of its data, data systems, and information technology resources.
Link to NYSED Data Elements
-
Data Privacy Agreements and Approved Software List
Software (programs/web-based applications) used in the District, both free and paid, are vetted for compliance with New York State Education Law-2d. The link below contains a list of (and link to) all of the Data Privacy Agreements that the district has in place with third-party vendors. This list will be updated as new platforms are added. A link to the Privacy Policy contains additional information specific to the company's policies. Where appropriate, we have included supplemental information that further explains the protection of student and staff data.
-
Federal Laws that Protect Students
Family Educational Rights and Privacy Act (FERPA) – The foundational federal law on the privacy of students’ educational records, FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.
Protection of Pupil Rights Amendment (PPRA) – PPRA defines the rules states and school districts must follow when administering tools like surveys, analysis, and evaluations funded by the US Department of Education to students. It requires parental approval to administer many such tools and ensures that school districts have policies in place regarding how the data collected through these tools can be used.
Children's Online Privacy Protection Rule (COPPA) – COPPA imposes certain requirements on operators of websites, games, mobile apps or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
Source: NYSED.GOV
-
FERPA Annual Notification for Parents
The following Annual Notification is published in our district calendar and distributed to all parents each school year:
The district recognizes its legal responsibility to maintain the confidentiality of student records. As part of this responsibility, parents/persons in parental relation and students age 18 or over have the right to inspect and review education records. The procedures for ensuring these rights are consistent with New York State and Federal law, including the Family Educational Rights and Privacy Act of 1974 (FERPA) and its implementing regulations and the Great Neck Public School’s Parents’ Bill of Rights for Data Privacy and Security (Policy 5500-E).
The district also recognizes its responsibility to ensure the orderly retention and disposition of student records of district-sanctioned programs and activities. The district uses reasonable methods to provide access to student educational records only to those authorized under applicable law, and to authenticate the identity of the requestor.
Furthermore, when the district executes agreements with third-party contractors who collect, process, store, organize, manage or analyze student Personally Identifiable Information (PII), the district shall include provisions requiring that confidentiality of data be maintained in accordance with law and District policy. In addition, the District will ensure that the contract or written agreement includes the third-party contractor’s data privacy and security plan that has been accepted by the District. In accordance with NYS law, accepted data privacy and security plans are available on the district website.
Family Education Rights and Privacy Act—Parents and eligible students* have the following rights under the Family Educational Rights and Privacy Act of 1974 (FERPA):
- The right to inspect and review the student’s education record.
- The right to exercise a limited control of other people’s access to student records.
- The right to seek to correct the student’s education record if believed to be in error.
- The right to report violations of FERPA to the appropriate federal agency.
- The right to be informed about FERPA rights.
The following information is designated as student Directory Information: student’s name, grade level, school attending, awards received, and mailing address. This information may be disclosed without prior written consent. Parents or eligible students will have two weeks from the beginning of the school year or date a student enrolls to advise the school district, in writing, of any and all items they refuse to permit the district to designate as directory information for the balance of the school year.For more information, see Board of Education Policy on Student Records, 5500; School District Records, 1120; and Privacy and Security for Student, Teacher and Principal Data, 8625.