Data Security

Student Data Privacy and Security

New York State Education Law Section 2-d requires that all school districts provide an inventory of programs used in the school environment on their websites and make such a document publicly available. Schools must also provide a clear description of the various data elements collected by the programs and applications including student, teacher and administrator Personally Identifiable Information (PII). In addition to the required information, more resources such as legal or regulatory documentation may be added to this public resource further outlining the reasons particular data elements are collected as well as the intended uses. You will find the inventory and a description of the programs currently in use in our schools with links to each company's privacy policies maintained by RIC One below. This public portal will be continuously updated as new security information is received or as new technological applications are integrated into the school environment.

Data Protection Officer

The Data Protection Officer for the district is Jake Sheehan, Director of Administration.  Questions, concerns, or complaints about data security should be directed to [email protected].

Inventory of Applications in Use that are Compliant with NYS Education Law Section 2-D

Click here to view this table in a new window.

Inventory Key

Applications that are purchased through GST BOCES are covered under the GST BOCES Parents' Bill of Rights or Contracts available for review at: http://www.gstboces.org/documents/data-privacy/inventory/index.cfm
After reviewing this resource, if you have any questions, please feel free to email [email protected]

What Is RIC One?

RIC One is a program that consists of 12 Regional Information Centers (RICs) that helps with various services provided to schools. One such service, is the Data Privacy and Security Initiative tool for New York State districts to ensure compliance with Education Law 2-d and Family Educational Rights and Privacy Act (FERPA) requirements. RIC One serves as an intermediary for Districts by hosting the service and by acquiring the required documentation from the vendors. They also work to support educators in implementing technology-rich learning experiences while ensuring that students’ privacy is not compromised.

Additional Signed Parents' Bill of Rights

Some vendors are given access or store student or teacher/principal data under the requirements of New York State Education Law Section 2-d and the approval of the district but do not fall under the inventory of applications because they are a service provider and not an application.  Those contracts, signed Bill of Rights, and supplemental documentation is provided here: