Data Privacy and Security

OU BOCES has created a page to provide families and educators with information and processes related to student data privacy and security in accordance with New York State Education Law 2D. This includes the OU BOCES Data Privacy and Security Policy, the Parent's Bill of Rights, and links to vendor contracts and assurances regarding the responsible use of your student's information.

Data Protection Officer

Forrest Addor

Data Privacy and Security Policy

In January 2020, the NYSED Board of Regents adopted Part 121 of the Commissioner's Regulations for the Strengthening of Data Privacy and Security in NYS Educational Agencies to protect Personally Identifiable Information (PII) pursuant to Education Law sections 2-D, 101, 207, and 305. Districts and BOCES policies are expected to be adopted no later than October 1, 2020.

PRIVACY AND SECURITY FOR STUDENT DATA AND TEACHER AND PRINCIPAL DATA

Complaint Procedures for Unauthorized Data Disclosure/Data Breach

Parents, eligible students (students who are at least 18 years of age), principals, teachers, and employees of an educational agency may file a complaint about a possible breach or improper disclosure of student data and/or protected teacher or principal data using the form linked below.

Unauthorized Data Disclosure/Data Privacy Compliant Form

Parents' Bill of Rights

The purpose of the Parents' Bill of Rights is to provide information to parents, legal guardians, those in parental relation to students and eligible students (age 18 and older) about certain legal requirements that protect personally identifiable (PII) information pursuant to state and federal laws.

Parents' Bill of Rights for Data Privacy and Security

Parents' Bill of Rights for Data Privacy and Security

In accordance with the requirements of Section 2-d of the New York Education Law, Orange-Ulster BOCES (the “OU BOCES”) provides the following Parents’ Bill of Rights with respect to maintaining the privacy and security of student data:

A student's personally identifiable information cannot be sold or released for any commercial purposes;
Parents have the right to inspect and review the complete contents of their child's education record;
State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but not limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred. Towards this end, OU BOCES has implemented the following safeguards to protect personally identifiable information about students, which is stored or transferred by OU BOCES, against unauthorized disclosure.

All databases that have student information are protected by a secure password and login. Logins are monitored, and passwords are kept up-to-date.
All databases that have student information are protected by a secure firewall, and intrusion detection. All data bases that contain student information are encrypted with 256 bit secure socket layer protection.

4. Parents may access a complete list of all student data elements collected by NYSED at http://www.p12.nysed.gov/irs/sirs/documentation/NYSEDstudentData.xlsx, or may obtain a copy of this list by writing to the Office of Information & Reporting Services, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, NY 12234.

5. Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed to: Director of Technology, 4 Harriman Drive, Goshen, NY 10924 (845)781-4358; support@ouboces.org.

PLEASE NOTE: Accordingly, this Parents’ Bill of Rights is subject to revision and/or supplementation as needed to comply with OU BOCES’ obligations under the law.

Additional information is available on the New York State Education Department’s website at: http://www.p12.nysed.gov/docs/parents-bill-of-rights.pdf.

Download the Parents' Bill of Rights for Data Privacy and Security

Third Party Vendor Contracts and Approved Software List

OUBOCES will ensure that whenever it enters into a contract or other written agreement with a third-party contractor under which the third-party contractor will receive student data or teacher or principal data from OU BOCES, the contract or written agreement will include provisions requiring that confidentiality of shared student data or teacher or principal data be maintained in accordance with law, regulation, and OU BOCES policy.

OU BOCES Approved Software List

Erie 1 BOCES Education Law 2D Contracts

Erie 1 BOCES Education Law 2D Contracts - Free Software