Mr. Brennan Fahey
Data Protection Officer
In order to conduct a successful education program, the district receives, creates, stores and transfers information about students, teachers and principals that is protected by state and federal law. The district takes active steps to protect the confidentiality of protected information in compliance with all applicable state and federal laws. The district expects all district officers, employees, and partners to maintain the confidentiality of protected information in accordance with state and federal law and all applicable Board Policies.
District Policy - Parents’ Bill of Rights for Data Privacy and Security
A student’s personally identifiable information cannot be sold or released for any commercial purposes.
Parents have the right to inspect and review the complete contents of their child’s education record. The procedures for exercising this right can be found in Board Policy #7240, Students Records Access and Challenge. You may access this Policy from the District’s website.
State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred.
A complete list of all student data elements collected by the State is available here and a copy may be obtained by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.
Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed in writing to the Data Protection Officer, the Superintendent, of Owen D Young CSD. Or for state-level- Chief Privacy Officer, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.
Supplemental Information About Third-Party Contracts
In order to meet 21st-century expectations for effective education and efficient operation, the District utilizes several products and services that involve third party contractors receiving access to student data, or principal or teacher data, protected by Section 2-d of the Education Law. The District recognizes that students, parents, and the school community have a legitimate interest in understanding which of the District’s vendors receive that data, for what purpose, and under what conditions. The District has undertaken the task of compiling that information, and of ensuring that each new contract adequately describes (1) the exclusive purposes for which the data will be used, (2) how the contractor will ensure that any subcontractors it uses will abide by data protection and security requirements, (3) when the contract expires and what happens to the data at that time, (4) if and how an affected party can challenge the accuracy of the data is collected, (5) where the data will be stored, and (6) the security protections taken to ensure the data will be protected, including whether the data will be encrypted.
Owen D. Young Central School District is required to annually notify parents of their rights under FERPA; that information can be found in our FERPA Notification Policy. Under FERPA, the district may identify certain data elements as Directory Information, which may be disclosed without obtaining prior parental consent. Parents are provided with the opportunity to opt out of certain Directory Information disclosures by filling out the form HERE. The data identified as Directory Information by our BOCES is:
date and place of birth
name of the student’s parents
student’s home school district
student’s class designation
participation in extracurricular activities
dates of attendance
student’s achievement awards and honors
most recent previous educational agency attended by the student.
video images of students (with or without sound) engaged in routine activities.
The district is working on granting families access to a RICOne tool that we will be able to display the district's software inventory and their 2-D contract information with one Hyperlink. Once access is granted, that information will be posted here.
The Owen D. Young Central School District is dedicated to the protection of student data and to maintaining data security and privacy across the district. If you believe that a breach or unauthorized disclosure of student personally identifiable information has occurred, please complete this form and submit it in person to one of our Data Protection Officers, Matt Cieri or Colby Utter. Any parent, eligible student (students who are at least 18 years of age or attending a postsecondary institution at any age), principal, teacher or employee of an educational agency may file a complaint. A complaint can also be submitted to the New York State Chief Privacy Officer using this online form.
The Board of Regents adopted Part 121 of the Regulations of the Commissioner of Education on January 13, 2020. These rules implement Education Law Section 2-D.
Family Educational Rights and Privacy Act (FERPA)
The foundational federal law on the privacy of students’ educational records, FERPA, safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.
Protection of Pupil Rights Amendment (PPRA)
PPRA defines the rules states and school districts must follow when administering tools like surveys, analysis and evaluations funded by the U.S. Department of Education to students. It requires parental approval to administer many such tools and ensures that school districts have policies in place regarding how the data collected through these tools can be used.
Children's Online Privacy Protection Rule (COPPA)
COPPA imposes certain requirements on operators of websites, games, mobile apps or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.