OIT – Student Data Privacy

Home 9 OIT 9 OIT – Student Data Privacy

The Frontier Regional/Union#38 Schools hold data privacy and security in high regard and takes action to ensure that our students’ data is handled securely in compliance with  the Family Educational Rights and Privacy Act (FERPA), Childrens Internet Protection Act (CIPA), and other recognized legislations that protects student data, like the Commonwealth’s Fair Information Practices Act (FIPA), G.L. c.66A.

Frontier Regional/Union #38 Schools uses a standardized data privacy agreement for all suppliers that store any student information including personally identifiable data (PII) that has been developed by the Massachusetts Student Privacy Alliance (MSPA).

According to the Data Privacy Agreement, all providers must:

  • Verify that industry standard practices for data security and privacy are being adhered to.
  • Ensure that the school system has the authority to check the vendor’s compliance.
  • Do not sell student information or use it for anything other the service for which it was intended.
  • Give the school district notice of a data breach as soon as it happens, if at all possible.
  • No matter where the data is stored, make sure the school district keeps ownership of it.
  • Observe the laws defending the rights of students.

Visit the online digital resources database which lists vetted resources for educational and privacy protections.

COPPA - Childrens Online Privacy Protection Act

COPPA puts special restrictions on software companies about the information they can collect about students under 13. So, students under 13 can’t make their own accounts, teachers have to make the accounts for them. In making the accounts, teachers need to be aware of their responsibility under FERPA. 

Learn More >>

FERPA - Family Educational Rights and Privacy Act
FERPA requires that schools have written permission from the parent or guardian in order to release any information from a student’s education record. So the most important thing is that, with some very specific exceptions, you shouldn’t be sharing student information with apps and websites without parent permission. Visit the links below to find more details relating to what data we collect and maintain in our student information system to be compliant with DESE and meet the diverse needs of our students.

Learn More about FERPA >>

CIPA -Childrent's Internet Protection Act

Teachers don’t need to help comply with CIPA, but it’s useful to know that it is in place. CIPA requires districts to put measures in place to filter Internet access and other measures to protect students. Our district uses a content filter on our gateway to and from the internet, as well as content filtering services from GoGuardian.

Learn More >>

HIPAA - Health Insurance Portability and Accountability Act

Restricts the access, use and disclosure of “protected health information” maintained by “covered entities.” These entities are typically health plans, health-care clearinghouses, and health-care providers. That means that your school is not a covered entity, unless you’re providing “health care,” like through a free clinic or other service beyond a day-to-day school nurse.  HIPPA can apply to some school health records some of the time.  The more important law is FERPA.

Learn More >>

PPRA - Protection of Pupil Rights Act

PPRA governs the administration to students of any survey, analysis, or evaluation that concerns one or more of eight designated protected areas. 

Learn More >>

GDPR - General Data Protection Law in EU (GDPR)

Europe’s new data privacy and security law which includes hundreds of pages’ worth of new requirements for organizations around the world.

Learn More >>

CCPA - California Consumer Privacy Act

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them and the CCPA regulations provide guidance on how to implement the law. 

Learn More >>