Parents' Bill of Rights for Data Privacy and Security

The Camden Central School District seeks to use the current technology, including electronic storage, retrieval, and analysis of information about students' education experience in the district, to enhance the opportunities for learning and to increase the efficiency of our district and school operations.
The Camden Central School District seeks to insure that parents have information about how the District stores, retrieves, and uses information about students, and to meet all legal requirements for maintaining the privacy and security of protected student data and protected principal and teacher data, including Section 2-d of the New York State Education Law.
To further these goals, the Camden Central School District has posted this Parents' Bill of Rights for Data Privacy and Security.
  1. A student's personally identifiable information cannot be sold or released for any commercial purposes.
  2. Parents have the right to inspect and review the complete contents of their child's education record. The procedures for exercising this right can be found in Board Policy 5051. You can access the Camden Central School District Board of Education Policies here: http://web2.moboces.org/districtpolicies/?public=camden
  3. State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but limited to, encryption, firewalls, and password protection, must be in place when data is stored or transferred.
  4. A complete list of all student data elements collected by New York State is available at /UserFiles/Servers/Server_612202/File/District/Parents' Bill of Rights for Data Privacy and Security/NYSEDstudentData.xlsx and a copy may be obtained by writing to the Office of Information & Reporting Services, New York sTate Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.
  5. Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed in writing to the Chief Privacy Officer, New York State Education Department, Room 863 EBA, 89 Washington Avenue, Albany, New York 12234.
Supplemental Information About Third Party Contracts
In order to meet 21st Century expectations for effective education and efficient operation, the District utilizes several products and services that involve third party contractors receiving access to student data, or principal or teacher data, protected by Section 2-d of the Education Law. The District recognizes that students, parents, and the school community have a legitimate interest in understanding which of the District's vendors receive that data, for what purpose, and under what conditions. The District has undertaken the task of compiling that information, and of insuring that each new contract adequately describes (1) the exclusive purposes for which the data will be used, (2) how the contractor will ensure that any subcontractors it uses will abide by data protection and security requirements, (3) when the contract expires and what happens to the data at that time, (4) if and how an affected party can challenge the accuracy of the data is collected, (5) where the data will be stored, and (6) the security protections taken to ensure the data will be protected, including whether the data will be encrypted.
Education Law Section 2-d and Family Educational Rights and Privacy Act (FERPA)
Education Law Section 2-d: When student data is exchanged between school district, or between school district and a BOCES, that exchange takes place between two "educational agencies." Also, the MORIC staff who access the data are employed by an "educational agency" (Madison-Oneida BOCES). Therefore, no "third party contractor" is involved, and Section 2-d is not applicable.
FERPA: The general rule under FERPA is that a school district or BOCES may not disclose "personally identifiable information" (PII) from a student's education record without prior consent of the student's family. However, there are two exceptions built into FERPA that enable school districts to give each other, and MORIC staff, access to student education records if the appropriate language has been included in the school district's annual FERPA notification.