Parents Bill of Rights for Data Privacy and Security
Genesee Valley BOCES seeks to use current technology, including electronic storage, retrieval, and analysis of information about students' education experience in the d istr ic t, to enhance the opportunities for learning and to increase the efficiency of our operations. To assist in meeting legal requirements for maintaining the privacy and security of protected student data and protected principal and teacher data, including Section 2-d of the New York State Education Law, Genesee Valley BOCES has posted this Parents Bill of Rights for Data Privacy and Security.
1. A student's personally identifiable information cannot be sold or released for any commercial purposes.
2. Parents have the right to inspect and review the complete contents of their child's education record. The procedures for exercising this right can be found in Student Records Policy, No. 6420.
3. State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred.
4. A complete list of all student data elements collected by the State is available at http://www.nysed.gov/data-privacy-security/student-data-inventory and a copy may be obtained by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.
5. Parents have the right to have complaints about possible breaches of student data addressed.
a. Parents may make a written report of a possible breach of student data to the Genesee Valley BOCES Data Protection Officer, 80 Munson Street, LeRoy, NY 14482, or by phone at 585-658-7900. Click this link to submit a complaint via this website.
b. Complaints may also be directed in writing to the Chief Privacy Officer, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234 or by submitting a form at: http://www.nysed.gov/data-privacy-security/report-improper-disclosure
6. To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of PII occurs.
7. Educational agency workers that handle PII will receive training on applicable state and federal laws, policies, and safeguards associated with industry standards and best practices that protect PII.
8. Educational agency contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.
PBR 5 2 2021