• SOPPA

    Overview

    District 204 takes the privacy of our students' data seriously. Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees of the following:

    Student data is protected when collected by educational technology companies, and
    Such data is used for beneficial purposes only.

    The full text of the Student Online Personal Protection Act is available here:

    https://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=3806&ChapterID=17
    SOPPA and IPSD 204

    Information on data privacy agreements can be found here:

    https://ipsd.app.learnplatform.com/new/public/tools 

    For information on opting out of data collection, email us at curriculum@ipsd.org.

    SOPPA Requirements

    Below is a high-level overview of the new requirements. Please refer to the legislation for specific timelines and components of each element. School districts must:

    • Annually post a list of all operators of online services or applications utilized by the district.
    • Annually post all data elements that the school collects, maintains, or discloses to any entity. This information must also explain how the school uses the data, and to whom and why it discloses the data.
    • Post contracts for each operator within 10 days of signing.
    • Annually post subcontractors for each operator.
    • Post the process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE.
    • Post data breaches within 10 days and notify parents within 30 days.
    • Create a policy for who can sign contracts with operators.
    • Designate a privacy officer to ensure compliance.
    • Maintain reasonable security procedures and practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.

    Please note that some district courses could utilize an online resource that does not fall under the SOPPA guidelines, meaning the product is created for post-secondary or professional audiences, thus a Data Privacy agreement is not in place between the district and operator. If a student is in a course using such a resource that will be shared via the teacher through the course syllabus. All such resources have been reviewed and approved by our Curriculum and Instruction Department and Tech Services Department. If you have any questions, you can email curriculum@ipsd.org.