Education Law 2d

New York State Department of Education has recently released the adoption of a new law that focuses on the protection and handling of Personal Identifiable Information (PII) . This law was passed at the end of January 2020, Frontier Central School District is already taking measures to ensure we are compliant with this new law.  Please find information related to the law in the links below.

What Parents Need to Know Their Student’s Information

NY State Senate Law (Section 2d)

Part 121

Important Contact Information

Data Protection Officer
Michael Sullivan
msullivan2@frontiercsd.org

Student Data Protection

Managing student data safely is a complicated issue that our school district takes very seriously. However, we begin this with the caveat that we are NOT experts in this area. We are practitioners who are trying to manage a constantly evolving field. It is a challenge to stay informed and up to date on best practice in this ever-changing landscape- but the threat of not addressing these issues are potentially severe. At FRONTIER, we address the issue on multiple fronts. 

Where is sensitive student data kept?

All sensitive information that we collect on students is stored in our student management system (SMS) eSchool Data.  This allows FRONTIER staff and students to function effectively as a school district. This includes the following data: demographics, academics, attendance, disabilities, discipline, health, free and reduced lunch, and transportation. This data is held securely in servers that are protected by state-of-the-art firewalls and disaster recovery procedures. Much of this data is in highly secure servers at the Western New York Regional Information Center (WNYRIC). Some of the data is housed in secure servers inside the district.

Is student data shared?

Yes. Student data that is collected and secured by the district is shared outside of this protected area in two ways:

Data is shared with New York State

New York State requires that we share some of student and staff data with NYSED for a variety of reasons. Our Data Manager carefully maps the data that is requested to the corresponding fields in our secure databases and pushes that data to the NYS Data Warehouse. This process is overseen and “certified” by the Superintendent of Schools. The data pushed to the Data Warehouse is maintained securely (details of security protocol). The exact data fields requested by NYSED change periodically. 

Data is shared with approved third-party vendors

There are many software applications that require the input of limited student data in order function effectively. When we share student data with a third-party vendor, the following three principles are followed:

1. The vendor/application must be approved by the Data Protection Officer as compliant with federal and state privacy laws. The process is as follows:
   1. Staff members submit the software for approval by the district.
   2. The Data Protection Officer uses multiple sources of information (including the RIC ONE Data Privacy and Security Service; The Privacy Evaluation Initiative Consortium and DATAG) to make a judgement as to the level of compliance of the vendor.
   3. Software and Apps that are reviewed (or in process of being reviewed)
2. Once a vendor is approved by the district, the district shares the minimal amount of data necessary for the software to function effectively.
3. Any data transferred to a third-party vendor must be transferred through secure networking protocol.

Reporting Required by the NYS Education Department

• Inventory of Data Elements Collected by NYSED
  • This document lists all of the data elements required by NYS.
  • After consideration and review, the District submits all required elements that apply to the District and uses the NYS templates through WNYRIC which are more categorized.
• 2021-22 SIRS Reporting Timeline
  • All data needs to be certified by the Superintendent of Schools.
  • This memo provides reporting requirements and dates of certification.
• Reporting 2021-22 School Year Data Collection
  • This highlights revisions and additions of data collection requirements and could be referenced for data collection clarification.
  • The definitions are aligned with Federal reporting requirements.
• NYS Student Information Repository System (SIRS) Manual

Parents, eligible students (students who are at least 18 years of age or attending a post-secondary institution at any age), principals, teachers, and employees of FRONTIER Central School District may file a complaint about improper disclosure of student data and/or protected teacher or principal data.

To file a complaint, please email Michael Sullivan at msullivan2@frontiercsd.org for the password to the link below.

UNAUTHORIZED DISCLOSURE COMPLAINT FORM