- Manhasset Union Free School District
- Student Data Privacy and Security
Instructional Technology
Page Navigation
- Welcome to the Manhasset UFSD Technology Department
- Instructional Technology Department
- Damaged, Lost or Stolen Chromebook?
- Chromebook Insurance Option
- Canvas Learning Management System
- Chromebook One to One Initiative
- ClassLink
- Low Cost Internet Access Option
- Mobile Technology @ Manhasset
- Parents/Community IT FAQs
- Smart Schools Bond Act
- Social Media Accounts
- Student Data Privacy and Security
- Technology Resources for Students
- IT Contact Information
-
What is New York State Education Law 2-D
Ed Law 2-d pertains to the unathorized release of personally identifiable information.
The Board of Regents adopted Part 121 of the Regulations of the Commissioner of Education on January 13, 2020. These rules will implement Education Law Section 2-d and provide guidance to educational agencies and their third-party contractors on ways to strengthen data privacy and security to protect student data and annual professional performance review data. The regulation went through multiple sets of revisions and three rounds of public comments and will go into effect January 29, 2020. It will apply to both charter and traditional public schools. We thank the members of the Data Privacy Advisory Council, implementation planning and drafting workgroups that supported the Department’s Chief Privacy Officer, Temitope Akinyemi, through this process.
Current NYSED Chief Privacy Officer: Louise DeCandia
-
District Approved Software List
Software (programs/web based applications) used in the District, both free and subscription-based, are vetted for compliance with New York State Education Law-2d when required by either the school district or BOCES. This is a list that will be updated through out the year. A link to the Privacy Policy contains additional information about the Data Privacy and Security agreement in place. In some cases we will use the software without a Data Privacy and Security agreement in place since no student Personally Identifiable Information (PII) is provided to the software provider.
Check back soon as this list is under construction and will feature periodic updates: Software Approved List
-
Data Privacy and Security Policies
Parents’ Bill of Rights for Data Privacy and Security
The Manhasset Union Free School District is committed to protecting the privacy and security of each and every student’s data. Parents should be aware of the following rights they have concerning their child’s data. In addition, this link includes how to file a complaint.Supplemental Information to the Parents Bill of Rights
Additional information for any contract or other written agreement with a third-party contractor that will receive personally identifiable information (PII)
Data Privacy Policy
The Board of Education (the “Board”) acknowledges the heightened concern regarding the rise in identity theft and the need for secure networks and prompt notification when security breaches occur. Thus, the Board adopts the National Institute for Standards and Technology Cybersecurity Framework Version 1.1 (NIST CSF) for data security and protection. The Data Protection Officer (“DPO”) is responsible for ensuring that the District’s systems follow NIST CSF and adopt technologies, safeguards and practices which align with it. This will include an assessment of the District’s current cybersecurity state, their target future cybersecurity state, opportunities for improvement, progress toward the target state, and communication about cybersecurity risk.Information and Data Privacy and Breach Notification Regulation
This regulation addresses information and data privacy, security, breach and notification requirements for student and teacher/Building Principal personally identifiable information under Education Law §2-d, as well as private information under State Technology Law §208.
Report an Improper Disclosure
Parents have the right to have complaints about possible breaches and unauthorized disclosures of student data addressed. Complaints should be directed to Dr. Rich Sevilla, Director of IT (and acting Data Protection Officer), Manhasset Union Free School District, 200 Memorial Place, Manhasset NY, 11030, 516-267-7531, Richard_Sevilla@manhassetschools.org. Complaints may also be filed directly to the New York State Education Department online http://www.nysed.gov/data-privacy-security, by mail to the Chief Privacy Officer, New York State Education Department, 89 Washington Avenue, Albany, NY 12234 or by email to privacy@nysed.gov or by telephone at 518-474-0937.Directory information Policy & Release of Directory Information/Opt Out
The District has designated certain categories of student information as “directory information.” Directory information includes a student’s name, ID number, user ID, or other unique personal identifier used by a student for purposes of accessing or communicating in electronic systems (only if the ID cannot be used to gain access to education records except when used in conjunction with one or more factors that authenticate the student’s identity), address, telephone number, date and place of birth, participation in school activities or sports, weight and height if a member of an athletic team, dates of attendance, degrees and awards received, most recent school attended, grade level, photograph, e-mail address, and enrollment status.
-
Federal Laws that Protect Students
Family Educational Rights and Privacy Act (FERPA) –
The foundational federal law on the privacy of students’ educational records, FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.
(FERPA) ANNUAL NOTIFICATION
(FERPA) NOTICE REGARDING ACCESS TO STUDENT RECORDS AND STUDENT INFORMATION
Protection of Pupil Rights Amendment (PPRA) –
PPRA defines the rules states and school districts must follow when administering tools like surveys, analysis, and evaluations funded by the US Department of Education to students. It requires parental approval to administer many such tools and ensures that school districts have policies in place regarding how the data collected through these tools can be used.
Children's Online Privacy Protection Rule (COPPA) –
COPPA imposes certain requirements on operators of websites, games, mobile apps or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
