ALBANY, N.Y. – The Common Core experiment has borne a lot of bitter fruit, but here’s one exception: New York education officials have come up with a “bill of rights” that spells out what controls parents have over their children’s school-related data.
The data privacy protections are in direct response to parents’ outrage over Common Core-related plans to store students’ identifiable personal information on a data cloud so as to facilitate data-sharing among school officials and third-party contractors.
The new 11-page “Parents’ Bill of Rights for Data Privacy and Security” – which lawmakers required be created as part of the recent budget bill – provides “‘important new protections for student data, and new remedies for breaches of the responsibility to maintain the security and confidentiality of such data,’” LoHud.com reports.
Each school district must now post on its website what rights parents have under the federal Family Educational Rights and Privacy Act (FERPA) and under state law, LoHud.com reports.
In practical terms, the “Parents’ Bill of Rights” establishes strict regulations over how third-party contractors are allowed to handle student information, including personally identifiable information.
The fact that third-party contractors are still allowed to handle sensitive student data will come as a disappointment to many parents. To stop that practice, however, would likely require a change to the federal government’s FERPA law, which Education Secretary Arne Duncan watered down to help facilitate Common Core-related data sharing.
The upshot of New York’s new regulations is that third-party contractors will be required to present a plan of how they’re going to protect student data.
In the event of a complaint that a contractor has failed to protect the data, the state’s Chief Privacy Officer will be “authorized to investigate, visit, examine and inspect the third party contractor’s facilities and records and obtain documentation from, or require the testimony of, any party relating to the alleged improper disclosure of student data,” according to the document.
The Chief Privacy Officer is a new state position explicitly created in the state budget bill.
EAGnews’ reading of the 11-page law suggests the state will not be allowed to collect students’ personally identifiable information except in a few clearly defined instances. Presumably, this means parents won’t have to worry about the state storing their children’s sensitive personal information on a data cloud, where it might be available to hackers.
Perhaps best of all, New Yorkers will be given a period of time “to submit comments and suggestions to the Chief Privacy Officer for possible inclusion in the bill of rights,” the news site reports.
It’s unclear when the comment and suggestion period will occur, as state officials have yet to fill the Chief Privacy Officer position. Still, when the public hearing occurs, it will give parents and concerned residents a chance to beef up data security measures even more.