Our District
Departments
Staff Resources
Parents
School Board
Strategic Planning
What happens to the student data that we send to a third party vendor? Information like names, birthdates, etc... may be provided by Riverside School District 96 to a third party service provider. What protections do those companies have in place to make sure that our student's data is not sold or freely given to others? This is exactly what SOPPA looks to address.
As part of SOPPA, these companies must enter into Data Privacy Agreements (DPA) with each district they work with. These agreements outline what data is stored, how it is protected, what the company can and cannot do with that data, and what they will do in the event of a data breach.
VIDEO: What is SOPPA? An Introduction to the Student Online Personal Protection Act
Enter your text here...
Annual Notice to Parents about Educational Technology Vendors Under the Student Online Personal Protection Act
School districts throughout the State of Illinois contract with different educational technology vendors for beneficial K-12 purposes such as providing personalized learning and innovative educational technologies, and increasing efficiency in school operations.
Under Illinois’ Student Online Personal Protection Act, or SOPPA (105 ILCS 85/), educational technology vendors and other entities that operate Internet websites, online services, online applications, or mobile applications that are designed, marketed, and primarily used for K-12 school purposes are referred to in SOPPA as operators. SOPPA is intended to ensure that student data collected by operators is protected, and it requires those vendors, as well as school districts and the Illinois State Board of Education, to take a number of actions to protect online student data.
Depending upon the particular educational technology being used, our District may need to collect different types of student data, which is then shared with educational technology vendors through their online sites, services, and/or applications. Under SOPPA, educational technology vendors are prohibited from selling or renting a student’s information or from engaging in targeted advertising using a student’s information. Such vendors may only disclose student data for K-12 school purposes and other limited purposes permitted under the law.
In general terms, the types of student data that may be collected and shared include personally identifiable information (PII) about students or information that can be linked to PII about students, such as:
Basic identifying information, including student or parent/guardian name and student or parent/guardian contact information, username/password, student ID number
Demographic information
Enrollment information
Assessment data, grades, and transcripts
Attendance and class schedule
Academic/extracurricular activities
Special indicators (e.g., disability information, English language learner, free/reduced meals or homeless/foster care status)
Conduct/behavioral data
Health information
Food purchases
Transportation information
In-application performance data
Student-generated work
Online communications
Application metadata and application use statistics
Permanent and temporary school student record information
Operators may collect and use student data only for K-12 purposes, which are purposes that aid in the administration of school activities, such as:
Instruction in the classroom or at home (including remote learning)
Administrative activities
Collaboration between students, school personnel, and/or parents/guardians
Other activities that are for the use and benefit of the school district
Data Privacy Agreements (DPA)
Riverside School District 96 leverages the Student Data Privacy Consortium (SDPC), which is an unique collaborative of schools, districts, regional, territories and state agencies, policy makers, trade organizations and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns. If you would like to read more about the SDPC, click here. Through the SDPC we enter into contracts with 3rd party vendors who handle our student's data.