Data Privacy and Security


Data Privacy Week

January 21st to the 27th, the OSDE recognizes Data Privacy Week, an international effort to raise awareness around the importance of data privacy. 

Please use these virtual backgrounds and posters to recognize and celebrate Data Privacy Week. 


Report a Student Data Security and Privacy Concern

If you would like to submit a student data security and privacy concern, please use the OSDE's Awareity Reporting System. Concerns can be submitted anonymous. After a concern is submitted, immediate notifications are sent to the appropriate personnel for further review if warranted. 


Informational Videos on Education Data Privacy & Security

  • Student Privacy 101: FERPA for Parents and Students 
  • FERPA Basics Introduction
  • What Parents Need to Know about Their Student's Data
  • What is the Protection of Pupil Rights Amendment?
  • Developing a Privacy Program for your District
  • Cybersecurity Best Practices for Schools and Districts
  • School Volunteers and FERPA
  • Email and Student Privacy
  • Responding to Ransomware Attacks

Important Provisions of the Oklahoma Student DATA Act of 2013

A. Defines student data, including how data are reported 

B. Requires the OSDE to publish a data dictionary, including justification for collections, call for new collections, and identification of unneeded collections

C. Restricts access to data - including through data requests, data reporting, and data-sharing agreements - to only those individuals for whom access is necessary to perform their assigned duties

D. Limits the transfer of student data across state lines to out-of-state OSDE contractors who require data to perform agency functions and to individual student-initiated events

E. Calls for the development of a security plan and regular security audits of the state data system

F. Binds vendors under contract with the OSDE that require system or data access to comply with privacy and security provisions of state and federal law

G. Establishes full transparency with oversight by the State Board of Education, legislature and governor regarding the collection of student data, the operation of the state system, and the use or release of student-level data

H. Calls for the OSDE's continuing compliance with the state law regarding P20 data and the development of a state longitudinal data system

The Oklahoma State Department of Education (OSDE) is committed to safeguarding the privacy and security of education data. The mission of the OSDE privacy program is to preserve and enhance privacy protections for all individuals who entrust their information to the OSDE by embedding and enforcing privacy protections throughout all of OSDE’s daily operations. OSDE strives to be a leader in education privacy policy and best privacy practices. 
 
Based on our commitment, this resource list is provided to help stakeholders remain informed of legislation impacting data privacy and security. The list is not intended to be comprehensive, however, it gives a general overview with access to resources.

The OSDE's Data Privacy and Security Data Governance Subcommittee meets biweekly to establish and ensure compliance with data privacy and security standards and best practices. For questions about data privacy and security at the OSDE, contact the data privacy team at [email protected].

Personally Identifiable Data

The OSDE regularly collects, stores, and shares personally identifiable data from public schools and school districts for a variety of purposes, including but not limited to compliance with federal and state laws and regulations.  

Personally identifiable data means information which can identify an individual or any other information that is linked or linkable to an individual. The OSDE only collects the minimally necessary personally identifiable data to comply with federal and state requirements.  

Pursuant to Title 74 O.S. § 3106.4, this document contains information on what personally identifiable data the OSDE stores and shares with select third parties in accordance with the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99).  

For questions about the OSDE's data sharing practices, please contact the Data Governance team at [email protected]

OSDE Data Privacy Program Plan

The purpose of the OSDE Data Privacy Program Plan is to provide an overview of OSDE’s Data Privacy Program (DPP). The DPP prioritizes and implements legal compliance with the Family Educational Rights and Privacy Act (FERPA), the Children's Online Privacy Protection Act (COPPA), and Protection of Pupil Rights Amendment (PPRA), as well as policy directives and best practices issued in furtherance of the Act.

State of Oklahoma Information Security Policy, Procedures, Guidelines

The contents of this document include the minimum Information Security Policy, as well as procedures, guidelines and best practices for the protection of the information assets of the State of Oklahoma. The Policy, as well as the procedures, guidelines and best practices apply to all state agencies. As such, they apply equally to all State employees, contractors or any entity that deals with State information.

Parent and Student Rights Under State and Federal Privacy Laws

The OSDE collects data from public schools and school districts on individual students for a variety of purposes, including, but not limited to, compliance with federal and state laws and regulations pertaining to accountability for student learning and expenditures of public funds.

Check out this document for information on Oklahoma and federal privacy laws that govern student data. Additionally, view this quick and easy guide to help you understand the federal laws (e.g. FERPA, COPPA, & PPRA) that protect student data, as well as students’ and parents’ rights under these laws. 

For additional information on student privacy, check out the website for the U.S. Department of Education Student Privacy Policy Office's Privacy Technical Assistance Center

For questions about student data privacy as it relates to adoptions, guardianships, or other custody situations, please contact your local school district. 

OMES Cyber Command

The OSDE works closely with the Office of Management & Enterprise Services (OMES) Cyber Command team to protect state users and their devices, networks, data and applications from malicious intent. 

Oklahoma Cyber Command’s top priority is safeguarding the state’s data and computer infrastructure against unauthorized data use, disclosure, modification, damage and loss. This work includes minimizing adverse consequences for individual privacy and ensuring compliance with privacy regulations by addressing policies and procedures, advising on risk and mitigation and providing support in the event of a privacy incident.

For information on the work Cyber Command is doing to help protect the OSDE's data, visit their website. Additionally, view a list of OMES's policies and standards that guide their work around data privacy and security here

Districts & Student Data Privacy

View the CoSN Student Data Privacy Toolkit for guidance to help schools and districts understand some of the fundamental requirements for protecting student data privacy. This toolkit provides guidance to create and improve your student data privacy program. Additionally, view these 10 foundational principles for using and safeguarding students' personal information to guide and motivate the design and improvement of a student data privacy program. 

For incorporating data privacy into the classroom, check out resources from Common Sense Education, which has some free K-12 lesson plans and activities to teach students how to be good digital citizens with healthy digital habits and skills. This website also features free teacher trainings on digital citizenship and student privacy. 

2024 Governor Proclamation for Data Privacy Week

Cybersecurity Awareness

 

 

Back to Top
Share This Page!
Last updated on October 11, 2024