Parent Bill of Rights for Data Privacy and Security
Parents' Bill of Rights for Data Privacy and Security
In accordance with Education Law Section 2-d, the Marion Central School District hereby sets forth the following Parents’ Bill of Rights for Data Privacy and Security, which is applicable to all students and their parents/legal guardians.
1. A student's personally identifiable information cannot be sold or released for any commercial purposes;
2. In accordance with FERPA, Section 2-d and Board Policy 7240 Student Records: Access and Challenge, parents have the right to inspect and review the complete contents of their child's education record;
3. The District has the following safeguards in place to protect student data, including personally identifiable information stored or transferred by the District.
a. All databases that have student information are protected by a secure password and login. These logins are monitored and kept up to date;
b. Student information is only accessible by those that are deemed warranted of having the information.
4. The New York State Education Department collects a number of student data elements for authorized uses. A complete list of all student data elements collected by the State is available for public review from the State Education Department. Websites and mailing addresses will be made public when they become available.
5. Parents have the right to submit complaints about possible breaches of student data or teacher or principal APPR data. Any such complaint must be submitted, in writing, to:
Director of Finance and Technology
4034 Warner Rd, Marion NY 14505
Supplemental Information Regarding Third-Party Contractors
In the course of complying with its obligations under the law and providing educational services to District residents, the Marion Central School District has entered into agreements with certain third-party contractors. Pursuant to such agreements, third-party contractors may have access to "student data" and/or "teacher or principal data," as those terms are defined by law.
Each contract the District enters into with a third party contractor where the third party contractor receives student data or teacher or principal data will include the following information:
1) The exclusive purposes for which the student data or teacher or principal data will be used;
2) How the third party contractor will ensure that the subcontractors, persons or entities that the third party contractor will share the student data or teacher or principal data with, if any, will abide by data protection and security requirements;
3) When the agreement expires and what happens to the student data or teacher or principal data upon expiration of the agreement;
4) If and how a parent, student, eligible student, teacher or principal may challenge the accuracy of the student data or teacher or principal data that is collected; and
5) Where the student data or teacher or principal data will be stored (described in such a manner as to protect data security), and the security protections taken to ensure such data will be protected, including whether such data will be encrypted.