Data Privacy and Security
New York State Education Law Section 2-d and the Family Educational Rights and Privacy Act provide clear protections for student data, and NYSED is committed to complying with all applicable laws. The New York State Department of Education has committed to promoting the least intrusive data collection policies practicable that advance the goals of improving academic achievement, empowering parents with information and advancing efficient and effective school operations while minimizing the collection and transmission of personally identifiable information, and will work to ensure that this is reflected in the practices of every educational agency in New York State by developing policies and standards that will provide clear guidance to the field.
Regulatory changes to increase information security measures to safeguard the Personally Identifiable Information (PII) of students and certain school personnel. Part 121 regulations outline requirements for educational agencies and their third-party contractors to ensure the security and privacy of such protected information and were developed in consultation with stakeholders and the public.
Data Protection Officer
Andrew Wheelock
EMAIL: HERE
Phone: 716-679-1581 Ext. 2746
Fredonia Central School District parents, eligible students (students who are at least 18 years of age or attending a postsecondary institution at any age), principals, teachers, and employees of an educational agency may file a complaint about a possible breach or improper disclosure of student data and/or protected teacher or principal data.
The District will inform parents, through its Parents' Bill of Rights for Data Privacy and Security that they have the right to submit complaints about possible breaches of student data to the Chief Privacy Officer at NYSED @ Electronic Form - nysed-cpo-data-incident-reporting-form or to the district directly or contacting Andrew Wheelock, Data Protection officer (awheelock@fcsd.wnyric.org) (716-679-1581 ext 2746).
In addition, the District has established the following procedures for parents, eligible students, teachers, principals, and other District staff to file complaints with the District about breaches or unauthorized releases of student data and/or teacher or principal data:
a. All complaints must be submitted to the District's Data Protection Officer in writing or using the form below.
b. Upon receipt of a complaint, the District will promptly acknowledge receipt of the complaint, commence an investigation, and take the necessary precautions to protect PII.
c. Following the investigation of a submitted complaint, the District will provide the individual who filed the complaint with its findings. This will be completed within a reasonable period of time, but no more than 60 calendar days from the receipt of the complaint by the
District.
d. If the District requires additional time, or where the response may compromise security or impede a law enforcement investigation, the
District will provide the individual who filed the complaint with a written explanation that includes the approximate date when the
District anticipates that it will respond to the complaint.
These procedures will be disseminated to parents, eligible students, teachers, principals, and other District staff.
The District will maintain a record of all complaints of breaches or unauthorized releases of student data and their disposition in accordance with applicable data retention policies, including the Records Retention and Disposition Schedule ED-1 (1988; rev. 2004).