Data Privacy and Security Links

  • Parent’s Bill of Rights
    Data Privacy Policy
    Data Unauthorized Disclosure Complaint Form (Electronic)
    Printable Unauthorized Data Disclosure Incident Form

    Parents Bill of Rights for Data Privacy and Security

    Pursuant to Section 2-d of the New York State Education Law, parents and eligible students are entitled to certain protections regarding personally identifiable student information. The Suffern  Central School District is committed to safeguarding personally identifiable information from  unauthorized access or disclosure as set forth below: 

    1. A student's personally identifiable information cannot be sold or released for any commercial purposes. 
    2. Parents have the right to inspect and review the complete contents of their child's education record stored or maintained by the educational agency. 
    3. The District is committed to implementing safeguards associated with industry standards and best practices under state and federal laws protecting the confidentiality of personally identifiable information, including but not limited to, encryption, firewalls, and password protection, which must be in place when data is stored or transferred. 
    4. A complete list of all student data elements collected by the State is available for public review at http://www.nysed.gov/data-privacy-security/student-data-inventory, or by writing to the NYS Education Department, Information & Reporting Services, Room 863  EBA, 89 Washington Avenue, Albany, NY 12234. 
    5. Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed to Dr. Lillian Rinchiera, 45 Mountain Ave.  Hillburn, New York 10931. 845-357-7783 ext. 11259 
    6. To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of personally identifiable information occurs. 
    7. The District has entered into contracts with certain third-party contractors (“TPC”) who have been sent personally identifiable student data as defined in 34 C.F.R. §99.3 and/or personally identifying teacher and/or principal data as defined by Education Law §3012- c(10). The following information about such contractors appears in such supplemental  information to this document for each contract with a TPC, as required by law: 
      • The exclusive purposes for which the student or teacher or principal data will be  used by the TPC, as defined in the contract; 
      • How the TPC will ensure that its subcontractors or other authorized individuals  who will be in receipt of the data will abide by the applicable data privacy and  security requirements of the federal and state laws and regulations (e.g., FERPA;  Education Law §2-d); 
      • The duration of the contract that sets forth its expiration date and description of  what will be done with the data upon the expiration of the contract (e.g. whether, when and in what format the data will be returned to the educational agency or  destroyed); and
      • If and how a parent, student, eligible student, teacher or principal may challenge the accuracy of the data that is collected. 
    1. Educational agency workers that handle personally identifiable information will receive training on applicable state and federal laws, the educational agency’s policies, and safeguards associated with industry standards and best practices that protect such information. 
    2. Agreements with TPCs will ensure that the subcontractors, persons or entities with whom the TPC will share the student data or teacher or principal data, if any, will abide by data protection and security requirements. 
    3. A parent, student, eligible student, teacher, or principal may challenge the accuracy of the student data or teacher or principal data that is collected by filing a written request with the  Superintendent of Schools or her administrative designee, Lillian Rinchiera, 45 Mountain  Ave. Hillburn, New York 10931.