CPS alliances have created influential national agreements in several states such as California and Massachusetts. In recent years, other government alliances have increasingly adapted versions of the California and Massachusetts agreements in their own states to reduce the burden of contracts with their service providers. In the wake of the growing popularity of state-level data protection authorities and calls for basic agreements for their alliances, the CPDS has formed a working group to create a set of national standards that are as consistent as possible with Edtech`s laws, requirements and business practices. The adoption of the NDPA will benefit schools, districts and businesses, as it will create a common basis for opening data protection negotiations for students. Although it does not apply perfectly to everyone, the agreement will save contracts for all education stakeholders. This efficiency, in turn, will allow schools and districts to better protect student data by providing important services and education to American students. Educators and principals should review and understand their obligations under the Connecticut Student Data Protection Act (Connecticut General Statutes 10-234aa at 10-234dd). The law applies to all situations in which districts use educational technologies that collect or access students` personal information. A detailed analysis of the law and recommendations for revisions can be included in the Data Protection Task Force report (March 2019). To comply with the law, districts must have (A) existing contracts with vendors that comply with Connecticut`s data protection law, i.e. (B) limit their use of software to titles provided by companies that have signed the Connecticut Student Data Privacy Pledge. Districts can refer to the Connecticut Education Hub to view a full list of software backed up by the compliancy pledged software.
In the following sections, you`ll find more details on access to the Hub and how to encourage suppliers to comply with the law. Utah law states that the assignment function with third parties takes into account a certain respect for privacy. It is only when personal data (PII) is disclosed from an educational data set that requirements are triggered. You can go through this flow diagram to determine when you will receive a Dpa. We are inserting a new project that helps schools send contracts to EdTech suppliers to meet student data protection requirements. Utah State Legislature, Title 53E-9-309: Third-party schools require schools to include privacy rules for students in all agreements made by third parties who receive personal data (PII) from students.