If your administrator or IT department is asking about SLP Toolkit compliance with the California student data privacy laws, we've got you covered. You can find information about how to comply with the regulations below. Although we are well versed in the new statutes, we are not legal experts (we stick to speech pathology and software). So you should consult your district about how to fully comply too.
1. The Details
If you're so inclined, you can read the details concerning (SB1177), which is chapter 22.2, the Student Online Personal Information Protection Act. Here's a link to review it (click here).
2. Summary
There are four basic things the law prohibits:
Operators shall not target students with advertisements
Operator shall not create student profiles for commercial purposes
Operators shall not sell student information
Operators shall not disclose student information to anyone else
And two basic things the law requires:
Operators shall implement reasonable security procedures & protect student information
Operators shall delete student information upon request
These six things are no-brainers and SLP Toolkit has procedures in place to cover them all plus much more. In addition to reading our basic privacy policy (here) and procedures (here), you can generate a student data privacy agreement (see section 4 below).
3. Additional Useful information
You can all the student data elements that we collect, along with the reason we collect them in the knowledge base article below. You can print out a copy or save a PDF for your records.
We use subcontractors to store and access student data. Their information and their policies concerning privacy and security are listed in the knowledge base article below.
SLP Toolkit complies with FERPA and more information can be found in the article below.
SLP Toolkit uses best practices to securely store and transmit data to the SLPs with authorized access. You can read more about how we keep your data safe in the article below.
4. Data Sharing & Privacy Agreement
If your district would like a signed data sharing & privacy agreement (DSPA), you can generate and download one using this form (click here).
For those of you who are members of the California chapter of the Student Data Privacy Consortium (SDPC), we've got you covered too. You can download the agreement they have provided, with an "Exhibit H" (click here).
Hopefully, this demystifies the California student privacy laws and you can get on with helping the students. As always, let us know if there are any questions about this or other privacy standards by sending an email to privacy@slptoolkit.com or contacting support.