Ed Law 2d | Parent’s Bill of Rights | Smart Schools Investment Plan | Data Privacy Policy | Resources
Ed Law 2d
What is Education Law 2d?
In 2020, The New York State Department of Education adopted a new law focused on the privacy and security of student and staff personally identifiable information (PII). The Educational Law Section 2d, known amongst NY schools as Ed Law 2d, provides “guidance to educational agencies and their third-party contractors on ways to strengthen data privacy and security to protect student data and annual professional performance review data.”
NY Ed Law 2d Security Requirements
In order to strengthen data security and privacy, the New York State Education Department (NYSED), now requires the following of all educational agencies:
Adopt the NIST Cybersecurity Framework as the standard for data privacy and security and meet the requirements to ensure they are adequately protecting PII.
- Appoint a Data Protection Officer with appropriate knowledge, training, and experience to oversee data security and privacy.
- Develop and implement a Data Security and Privacy Policy.
- Conduct security training for educational agency employees.
- Publish a Parent’s Bill of Rights and include it in every contract with a third-party contractor that receives PII.
- Mandate that all third-party contractors submit a Data Security and Privacy
- Plan for each contract to demonstrate how they will protect PII.
Data Protection Officer
Superintendent Erin E. Woods
Data Protection Officer
Phone (315) 562-8132, ext. 25532
Fax (315) 562-2477
Approved Software, Subscriptions & Vendors
Parent’s Bill of Rights
Parents (including legal guardians or persons in parental relationships) and Eligible Students (students 18 years and older) can expect the following:
- A student’s personally identifiable information (PII) cannot be sold or released for any Commercial or Marketing purpose. PII, as defined by Education Law§ 2-d and the Family Educational Rights and Privacy Act (“FERPA”), includes direct identifiers such as a student’s name or identification number, parent’s name, or address; and indirect identifiers such as a student’s date of birth, which when linked to or combined with other information can be used to distinguish or trace a student’s identity. Please see FERPA’s regulations at 34 CFR 99.3 for a more complete definition.
- The right to inspect and review the complete contents of the student’s education record stored or maintained by an educational agency. This right may not apply to Parents of an Eligible Student.
- State and federal laws such as Education Law§ 2-d; the Commissioner of Education’s Regulations at 8 NYCRR Part 121, FERPA at 12 U.S.C. 1232g (34 CFR Part 99); Children’s Online Privacy Protection Act (“COPPA”) at 15 U.S.C. 6501-6502 (16 CFR Part 312); Protection of Pupil Rights Amendment (“PPRA”) at 20 U.S.C. 1232h (34 CFR Part 98); and the Individuals with Disabilities Education Act (“IDEA”) at 20 U.S.C. 1400 et seq. (34 CFR Part 300); protect the confidentiality of a student’s identifiable information.
- Safeguards associated with industry standards and best practices including, but not limited to, encryption, firewalls and password protection must be in place when student PII is stored or transferred.
- A complete list of all student data elements collected by NYSED is available online and can be requested by writing to:
Chief Privacy Officer, New York State Education Department
89 Washington Avenue
Albany, NY 12234 - The right to have complaints about possible breaches and unauthorized disclosures of PII addressed.
- Complaints should be submitted to the EA, Erin Woods, 315-562-8130
- Complaints may also be submitted to the NYS Education Department online, by email; by telephone at (518) 474-0937 or by mail to:
Chief Privacy Officer, New York State Education Department
89 Washington Avenue
Albany, NY 12234
- To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of PII occurs.
- Educational agency workers that handle PII will receive training on applicable state and federal laws, policies, and safeguards associated with industry standards and best practices that protect PII.
- Educational agency contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.
Smart Schools Investment Plan
The Edwards-Knox Central School District’s Smart Schools Investment Plan was produced in accordance with the New York State Smart Schools Bond Act, approved by voters in November 2014. The $2 billion bond act is intended to provide school districts with funding for new educational technology and infrastructure improvements to enhance learning opportunities for all students across the state.
View the Smart Schools Investment Plan on the New York State Education Department website.
Departments and Services Links
Technology & Data Privacy contact information
Erik Robinson
SLL BOCES Computer Technician
Phone 315-562-8130 ext. 25502
St. Lawrence-Lewis BOCES Help Desk
Phone (315) 386-4504 ext. 10101
Data Privacy & Security Policy
The District is committed to maintaining the privacy and security of student data and teacher and principal data and will follow all applicable laws and regulations for the handling and storage of this data in the District and when disclosing or releasing it to others, including, but not limited to, third-party contractors.
View Policy 5676: Privacy and Security for Student Data and Teacher and Principal Data.