Student Data Privacy
Student Online Personal Protection Act (SOPPA)
Effective July 1, 2021, Illinois school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).
As part of SOPPA, these companies must enter into Data Privacy Agreements (DPA) with each district that uses their products. These agreements outline what data is stored, how it is protected, what the company can and cannot do with that data, and what they will do in the event of a data breach. A listing of the District’s data privacy agreements for approved technology sites, apps, and web tools can be found here*.
**Please note that contracts may originate with other school districts, which appear on the first page of the contract. The last page (Exhibit E) of these documents indicates District 28's contractual agreement.
Data Breaches
District 28 will post details here about data breaches involving 10% or more of the District's students, including the number of students whose covered information was involved in the breach, date of breach (or estimate) and operator name.
More about SOPPA
The Learning Technology Center of Illinois provides details on district requirements for SOPPA.
Other Student Data Privacy Laws
The Learning Technology Center of Illinois summarizes important laws that protect student data.
Contact
Requests for additional information relating to student data privacy should be directed to Technology Director Maria Stavropoulos