Skip To Main Content

Student Data Privacy

Your Child’s Privacy Matters: Understanding Student Data Protection in Illinois

At Ransom Grade School, we are committed to safeguarding the privacy and security of our students' data. In accordance with the Illinois Student Online Personal Protection Act (SOPPA), we ensure that all student information collected by our schools and the educational technology providers we use is protected and handled responsibly.

We encourage parents, guardians, and students to learn more about how student data is collected, used, and protected. The links added to this webpage will give you the following information: 

  • What information is collected and why

  • How we comply with state and federal privacy laws (including SOPPA, FERPA, and COPPA)

  • The third-party vendors we work with and their data privacy agreements

  • Your rights as a parent or guardian

Transparency and trust are our priorities. If you have questions or concerns about student data privacy, please don’t hesitate to contact Dr. Lindsey Paul at lpaul@ransomgradeschool.net.

Together, we can ensure a safe and secure learning environment for every student.

SOPPA

Protecting Student Data Under SOPPA

Protecting the privacy of our students is a top priority. In compliance with the Student Online Personal Protection Act (SOPPA)—an Illinois law designed to ensure the security of student data—we take careful steps to manage and protect the information collected through educational technology.

What is SOPPA?
SOPPA requires school districts to enter into data privacy agreements with all third-party educational technology vendors that collect student data. The law ensures this data is used only for educational purposes and is kept safe from misuse or unauthorized access.

Our Commitment Includes:

  • Listing all approved online tools and providers that collect student data

  • Maintaining written agreements with vendors outlining strict data protection measures

  • Allowing parents to inspect, correct, or request the deletion of their child’s data

  • Responding to data breaches in a timely and transparent manner

 

DPA

A Data Privacy Agreement (DPA) is a legal document that outlines how parties handle and protect personal data. It’s commonly used between organizations and vendors, service providers, or partners to ensure compliance with data protection laws such as the GDPR, CCPA, or HIPAA

FERPA

FERPA stands for the Family Educational Rights and Privacy Act, a federal law in the United States enacted in 1974. It governs access to and privacy of student education records. Here's a quick breakdown:

What FERPA Does:

  1. Protects Student Privacy: Gives parents certain rights regarding their children's education records. These rights transfer to the student when they turn 18 or attend a school beyond the high school level (then called "eligible students").

  2. Gives Rights to Parents/Students:

    • Access to their education records.

    • Request amendments to records they believe are inaccurate or misleading.

    • Control over disclosures of personally identifiable information (PII) from records, except under certain conditions.

  3. Limits Disclosure Without Consent:

    • Schools generally must have written permission from the parent or eligible student to release any information from a student's education record.

    • There are exceptions, such as disclosures to school officials with legitimate educational interests, or in compliance with a subpoena.

  4. Directory Information:

    • Schools may disclose "directory information" (e.g., name, address, phone number) without consent, unless the parent or eligible student has opted out.

  5. Applies to Schools Receiving Federal Funds:

    • FERPA applies to all educational institutions that receive funds from the U.S. Department of Education.

COPPA

"COPPA" stands for the Children's Online Privacy Protection Act. It’s a U.S. federal law enacted in 1998 and enforced by the Federal Trade Commission (FTC). The purpose of COPPA is to protect the privacy of children under the age of 13 when they are online.

Key Provisions of COPPA:

  • Parental Consent: Websites and online services must obtain verifiable parental consent before collecting personal information from children under 13.

  • Privacy Policy Requirements: Operators must post a clear and comprehensive privacy policy detailing their data collection practices.

  • Data Collection Limitations: Limits are placed on the types of personal data that can be collected from children, such as name, address, email, phone number, and more.

  • Parental Rights: Parents must be allowed to review, delete, and refuse further collection of their child’s data.

  • Security Requirements: Websites must implement reasonable procedures to protect the security of children’s information.

CIPA

CIPA stands for the Children’s Internet Protection Act. It is a U.S. federal law enacted in 2000 to address concerns about children's access to obscene or harmful content over the internet.

Key Points about CIPA:

  • Purpose: To protect minors from accessing inappropriate online content in schools and libraries that receive federal funding for internet access.

  • Requirements:

    • Schools and libraries must install internet filters to block access to visual depictions that are:

      • Obscene

      • Child pornography

      • Harmful to minors (for computers accessed by minors)

    • They must also adopt and enforce an internet safety policy that includes monitoring the online activities of minors.

  • Funding Link: Compliance with CIPA is required to receive E-rate funding, which provides discounts for internet access and internal network infrastructure to eligible schools and libraries.

  • Additional Safety Education: Schools must educate minors about appropriate online behavior, including interacting on social media and cyberbullying awareness.

Security Breach

Currently, there are no student data breaches. However, information will become available should one occur.