We are committed to protecting the information security of Knoxville CUSD #202 students in accordance with the latest version of the Student Online Personal Protection Act.
What is SOPPA?
The Student Online Personal Protection Act, or SOPPA, is the data privacy law that regulates student data collection and use by schools, the Illinois State Board of Education, and education technology (EdTech) vendors.
On August 23, 2019, Illinois Governor J.B. Pritzker signed into law a new version of SOPPA that gives parents greater control over student data. Among the changes is a new requirement to enact breach notifications that are available to the public.
What does it mean for Knoxville CUSD #202 families?
What happens to the student data that we send to a third-party vendor? Information like student name, course number, homeroom information, or student grade may be provided by Knoxville CUSD #202 to a third-party educational vendor like EnVision, Wonders, NWEA MAP, etc. What protections do those companies have in place to make sure that our student’s data is not sold or freely given to others? This is exactly what SOPPA looks to address. As part of SOPPA, these companies must enter into Data Privacy Agreements (DPA) with each district they work with. These agreements outline what data is stored, how it is protected, what the company can and cannot do with that data, and what they will do in the event of a data breach. To learn more about SOPPA, watch this short video.
Parents or Guardians can request to see what specific student data is being shared for their child(ren) by emailing us at email@example.com.
What does it mean for Knoxville CUSD #202 staff?
If you are a teacher you will need to inform parents of the EdTech products you have chosen for your classroom and ask for parental consent when appropriate. As you find new tools, apps, websites, and educational resources, you will need to submit a request to have them vetted for SOPPA compliance prior to use.
If you are a building principal, you will need to ensure the EdTech vendors chosen by staff are part of our approved vendors and have signed contracts with us.
Data Privacy Agreements (DPA’s)
Knoxville CUSD #202 leverages the Student Data Privacy Consortium (SDPC), which is a unique collaborative of schools, districts, regional, territories and state agencies, policymakers, trade organizations, and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns. If you would like to read more about the SDPC, click here. Through the SDPC we enter into contracts with 3rd party vendors who handle our student’s data. If you would like to view the DPAs that Knoxville CUSD #202 currently holds, please click the following link. (Please note, other vendors are being added daily, so if you don’t see one here that you believe should be on the list, check back soon.)
Ensuring our students’ safety is critically important to Knoxville CUSD #202 and establishing protocols compliant with this legislation will enable us to do so consistently.
Student Online Personal Protection Act - SOPPA (105 ILCS 85/)
School districts throughout the State of Illinois contract with different educational technology vendors for beneficial K-12 purposes such as providing personalized learning and innovative educational technologies, and increasing efficiency in school operations.
Under Illinois’ Student Online Personal Protection Act, or SOPPA (105 ILCS 85/), educational technology vendors and other entities that operate Internet websites, online services, online applications, or mobile applications that are designed, marketed, and primarily used for K-12 school purposes are referred to in SOPPA as operators. SOPPA is intended to ensure that student data collected by operators is protected, and it requires those vendors, as well as school districts and the Ill. State Board of Education, to take a number of actions to protect online student data.
Depending upon the particular educational technology being used, our District may need to collect different types of student data, which is then shared with educational technology vendors through their online sites, services, and/or applications. Under SOPPA, educational technology vendors are prohibited from selling or renting a student’s information or from engaging in targeted advertising using a student’s information. Such vendors may only disclose student data for K-12 school purposes and other limited purposes permitted under the law.
In general terms, the types of student data that may be collected and shared include personally identifiable information (PII) about students or information that can be linked to PII about students, such as:
Basic identifying information, including student or parent/guardian name and student or parent/guardian contact information, username/password, student ID number
Assessment data, grades, and transcripts
Attendance and class schedule
Special indicators (e.g., disability information, English language learner, free/reduced meals or homeless/foster care status)
In-application performance data
Application metadata and application use statistics
Permanent and temporary school student record information
Operators may collect and use student data only for K-12 purposes, which are purposes that aid in the administration of school activities, such as:
Instruction in the classroom or at home (including remote learning)
Collaboration between students, school personnel, and/or parents/guardians ● Other activities that are for the use and benefit of the school district
PRESS 7:345-AP, E2, Student Data Privacy; Notice to Parents About Educational Technology Vendors
If you have questions, concerns, or suggestions about SOPPA, email us at firstname.lastname@example.org.