Student Data Privacy Information
New Lenox School District 122 cares about protecting the security and privacy of the digital data that is generated for and by the district. Staff and Student personally identifiable information (PII) are protected by many federal and state laws, and a few are listed below for students and parents to reference.
Children’s Online Privacy Protection Act (COPPA)
This law applies to websites and online services (including mobile apps) and governs the collection and use of personal information from children under 13. When we work with a 3rd party site, we must operate within the constraints of the law.
In many cases, online services comply with the law by explicitly granting school districts the ability to create and manage accounts on behalf of students under age 13; however, many companies do not. The FTC recommends that all websites and online services – particularly those directed to children – post privacy policies online so visitors can easily learn about the operator’s information practices. As a district we work to utilize only sites that follow the COPPA requirements 100%, providing privacy policies that support our protection of online information.
Student Online Personal Protection Act (SOPPA)
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).
School districts throughout the State of Illinois contract with different educational technology vendors for beneficial K-12 purposes such as providing personalized learning and innovative educational technologies, and increasing efficiency in school operations. Under Illinois’ Student Online Personal Protection Act, or SOPPA (105 ILCS 85/), educational technology vendors and other entities that operate Internet websites, online services, online applications, or mobile applications that are designed, marketed, and primarily used for K-12 school purposes are referred to in SOPPA as operators. SOPPA is intended to ensure that student data collected by operators is protected, and it requires those vendors, as well as school districts and the Ill. State Board of Education, to take a number of actions to protect online student data.
Depending upon the particular educational technology being used, our District may need to collect different types of student data, which is then shared with educational technology vendors through their online sites, services, and/or applications. Under SOPPA, educational technology vendors are prohibited from selling or renting a student’s information or from engaging in targeted advertising using a student’s information. Such vendors may only disclose student data for K-12 school purposes and other limited purposes permitted under the law. Please see the list of operators with whom we share student data below:
Parents may request to inspect or review their student's covered information under SOPPA. Please see our parent rights and procedures for reviewing student covered information below:
Operators and districts are also required under SOPPA to publish information about any breaches of covered information. The posting must contain the number of students affected, the date of the breach, and the name of the operator. Below is the list of operators for NLSD122 that encountered data security breaches.
Data Breaches containing Covered Information: None within the last 5 years.
Child Internet Protection Act (CIPA)
The district is required by CIPA to have technology measures and policies in place that protect students from harmful materials including those that are obscene and pornographic. This means that student email is filtered and monitored. Mail containing harmful content from inappropriate sites will be blocked.
The district uses a content filter for students named Securly which is a cloud based solution that acts as a shield for users on the network. Similar to most content filter companies, Securly maintains a list of sites it believes are objectionable and classifies them under different categories, and school districts can allow or block any additional sites they identify. No filter guarantees to block all inappropriate or objectionable content. Staff and students are responsible for acceptable use and reporting objectionable content or incorrectly blocked content to administrators when online.
Family Educational Rights and Privacy Act (FERPA)
FERPA protects the privacy of student education records and gives parents rights to review student records. Under FERPA, schools may disclose directory information (name, phone, address, grade level, etc...) but parents may request that the school not disclose this information by sending a written request to the district.
- The school will not publish confidential education records (grades, student ID #, etc.) for public viewing on the Internet.
- The school may publish student work and photos for public viewing but will not publish student last names or other personally identifiable information.
- Parents may request that photos, names and general directory information about their children not be published. To do this, please log in our our PowerSchool system and completed the Directory Information opt-out form.
- Parents have the right at any time to investigate the contents of their child’s email and Google Workspace for Education files.