Tuesday Tech Tidbits January 09, 2024

 TUESDAY TECH TIDBITS: 

   A technology blog supporting the SAU16 staff.  

by Sandy Blanc      

Revisiting Student Data Privacy

(NH RSA 189:66-68A)

Happy New Year! As we enter 2024, it's an opportune moment to revisit the subject of student data privacy, particularly in the context of New Hampshire laws, and its implications for SAU16 staff. While this may be familiar territory for many, it's worth noting that there have been some minor adjustments in our SAU16 flowchart for assessing the need for a "DPA" (Data Privacy Agreement). Overall, it's crucial to review, comprehend, and stay informed about this information. This becomes even more pertinent as we delve into new technology integrations, especially with the arrival of Artificial Intelligence (AI).

On June 18, 2018, New Hampshire Governor Chris Sununu signed House Bill 1612 (HB 1612), which took effect on August 11, 2018. The legislation aimed to establish minimum standards for the protection of students' and employees' data. It mandated the New Hampshire Department of Education to define these standards, drawing from best practices for local agencies. HB 1612 was signed into law and became New Hampshire RSA 189:66-68a.

• Section: 189:65 Definitions
• Section: 189:66 Data Inventory and Policies Publication
• Section: 189:67 Limits on Disclosure of Information
• Section: 189:68 Student Privacy
• Section: 189:68-a Student Online Personal Information
• NH RSA 359-C:20 Notice of Breach

What does this mean for SAU16? 

Our district is obligated to safeguard students' personally identifiable information (PII). This protection involves verifying that websites, applications, and extensions used in schools adhere to the guidelines outlined in the New Hampshire Student Data Privacy Agreement (DPA). The Student Data Privacy Consortium (SDPC) aids school districts by working with companies, facilitating the signing of the DPA, and maintaining a record of applications that have either signed the DPA, been rejected, or have amendments to their approval.

SAU16 is a member of the Student Data Privacy Consortium (SDPC). The SDPC was developed in response to NH RSA 189:66-189:68a. New Hampshire requires the protection of student personally identifiable information (PII). RSA 189:68a defines PII below, 

(a) and is descriptive of a student or otherwise identifies a student, including, but not limited to, information in the student's educational record or email, first and last name, home address, date of birth, telephone number, unique pupil identifier, social security number, financial or insurance account numbers, email address, other information that allows physical or online contact, discipline records, test results, special education data, juvenile dependency records, grades, evaluations, criminal records, medical records, health records, biometric information, disabilities, socioeconomic information, food purchases, political affiliations, religious information, text messages, documents, other student identifiers, search activity, photos, voice recordings, or geo-location information."

How does a SAU16 staff member know if they can use an application or not with students?

If staff wish to utilize an application with students, it is imperative that they verify whether the application involves the use of student personally identifiable information (PII) and confirm that the application has a signed data privacy agreement in place. 

To view current applications and the status for SAU16, you can start by looking at;

SAU16 DPA Status - From the Student Data Privacy Consortium 

• The technology department created a SAU16 Student Data Privacy Agreement flow chart to help you navigate using technology with students in the classroom. 

• UPDATED Student DPA Flow Chart 2023