Student Online Personal Protection Act (SOPPA)
Student Online Personal Protection Act (SOPPA)
The Student Online Personal Protection Act, or SOPPA, is the data privacy law that regulates student data collection and use by schools, the Illinois State Board of Education, and District #124 vendors.
On August 23, 2019, Illinois Governor J.B. Pritzker signed into law a new version of SOPPA that gives parents/guardians greater control over student data. Among the changes is a new requirement to enact breach notifications that are available to the public.
SOPPA will also require Illinois school districts to provide additional guarantees that student data is protected when collected and that data is used for beneficial purposes only. The law is effective on July 1, 2021.
SOPPA requires that school districts must:
- Enter into written agreements with all K-12 service providers who collect student data. Covered data includes, but is not limited to: information in the student's educational record, first/last name, address, phone number, email address, grades, test results, socioeconomic information, photos, search activity, voice recordings, geolocation information, and more.
- Implement and maintain reasonable security practices. Student data is protected through comprehensive privacy policies and security measures such as firewalls, secure servers, intrusion detection software, and other methods. Written agreements with vendors require that the vendor also maintains security procedures.
- Post a list of operators. This list will include what data elements are shared, written agreements/contracts with the operator within 10 days of signing, & subcontractors for each operator.
The district adheres to the following applicable laws regarding student data and privacy:
- Children's Internet Protection Act (CIPA)
- Family Educational Rights and Privacy Act (FERPA)
- Illinois School Student Records Act (ISSRA)
- Student Online Personal Protection Act (SOPPA)
District-approved Web-based Tools/Applications and Written Agreements
District #124 values your child's privacy and strives to ensure that parents/guardians are aware of what web-based tools and applications that are being used for educational purposes. A list of all District #124 approved web-based tools, written agreements with operators, and a list of data elements shared can be found here: D124 Data Privacy Agreements
Parent/Guardian Rights
Parents/guardians have the right to inspect, review, and correct information maintained by the school, operator, and the Illinois State Board of Education. All requests should be directed to the Director of Technology by using the following email address: soppa.request@grantbulldogs.org.
Security
We employ reasonable security methods to prevent unauthorized access, maintain data accuracy, and ensure correct use of information.
Data Breaches
In the event that there is a data breach, the District will notify parents/guardians via district communication systems within 30 days the data breach and within 60 days if a third-party is responsible for the data breach.
If you would like to view the DPAs that Grant D124 currently holds, please click the following link: Grant D124 Data Privacy Agreements
Teacher - New Software Request Form
If you have any questions, please contact Tom Furlan, Director of Technology.