Data Privacy and Security at DCMO BOCES

DCMO BOCES is committed to maintaining the privacy and security of student data and teacher and principal data and will follow all applicable laws and regulations for the handling and storage of this data in DCMO BOCES and when disclosing or releasing it to others, including, but not limited to, third-party contractors. DCMO BOCES adopts this policy to implement the requirements of Education Law Section 2(d) and its implementing regulations, as well as to align DCMO BOCES data privacy and security practices with the National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity.

Below you will find the DCMO BOCES policies and information for the DCMO BOCES Board of Education adopted Data Security and Privacy Policy, FERPA and Directory information policy, Data Privacy Software Inventory, Parent's Bill of Rights, and information to report a potential breach of information. If you have any questions please contact our Data Protection Officer.

Contact

Robert Avery
Data Privacy Officer (DPO)
Phone: (607) 335-1320

Links

Data and Security Policy
Data Security Software Inventory
Information Security Breach Policy
Report Possible Breach of Information

Parents' Bill of Rights for Data and Privacy Security

DCMO BOCES seeks to use current technology, including electronic storage, retrieval, and analysis of information about students’ education experience in the district, to enhance the opportunities for learning and to increase the efficiency of our district and school operations. 

DCMO BOCES seeks to ensure that parents have information about how the District stores, retrieves, and uses information about students, and to meet all legal requirements for maintaining the privacy and security of protected student data and protected principal and teacher data, including Section 2(d) of the New York State Education Law.

To further these goals, DCMO BOCES has posted this Parents’ Bill of Rights for Data Privacy and Security.

  1. A student’s personally identifiable information cannot be sold or released for any commercial purposes.

  2. Parents have the right to inspect and review the complete contents of their child’s education record. The procedures for exercising this right can be found in Board Policy 601. You may access this Policy from the Links section above.

  3. State and federal laws protect the confidentiality of personally identifiable information and safeguards associated with industry standards and best practices, including but not limited to encryption, firewalls, and password protection must be in place when data is stored or transferred.

  4. A complete list of all student data elements collected by the State may be downloaded as a Microsoft Excel file from http://www.p12.nysed.gov/irs/sirs/documentation/NYSEDstudentData.xlsx and a copy may be obtained by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.

  5. Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed in writing to the Chief Privacy Officer, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.

Reporting Possible Improper Disclosure or Breach of Information

Parents, eligible students (students who are at least 18 years of age or attending a postsecondary institution at any age), teachers, principals, and employees of an educational agency may file a complaint about a possible breach or improper disclosure of student data and/or protected teacher or principal data.  To submit a confidential report of a potential unauthorized disclosure that you believe resulted in a release of student personally identifiable information (PII) and/or APPR data for teachers and/or principals, please follow this link.  A link to DCMO's Information Security Breach Policy can be found above.  Please contact the DCMO Data Privacy Officer to check on the status of a report.

Data Privacy Software Inventory

New York State Education Law Section 2(d) requires that all school districts introduce an inventory of programs used in the school environment on their websites and make such a document publicly available. Schools must also provide a clear description of the various data elements collected by the programs and applications including student, teacher and administrator Personally Identifiable Information (PII). To that end, DCMO is partnering with RIC One to provide this information.  Please follow the "Data Security Software Inventory" link above to access  the inventory and a description of the programs currently in use in our schools with links to each company's privacy policies.  This public portal will be continuously updated as new security information is received or as new technological applications are integrated into the school environment.  In addition to the required information, more resources such as legal or regulatory documentation may be added to this public resource further outlining the reasons particular data elements are collected as well as the intended uses.

RIC One is a program that consists of 12 Regional Information Centers (RICs) that helps with various services provided to schools. One such service is the Data Privacy and Security Initiative tool for New York State districts to ensure compliance with Education Law 2(d) and Family Educational Rights and Privacy Act (FERPA) requirements. RIC One serves as an intermediary for BOCES and Districts by hosting the service and by acquiring the required documentation from the vendors. RIC One also works to support educators in implementing technology-rich learning experiences while ensuring that students’ privacy is not compromised.

After reviewing this new resource, if you have any questions, please feel free to contact our Data Protection Officer.