Data Privacy

The Fauquier County Public Schools (FCPS) is committed to the safety and security of online activities and interactions for its students, staff, and parents. Students receive digital citizenship instruction regarding responsible online behavior. When you teach digital citizenship to students, you help students navigate cyberbullying, privacy, internet safety, and other digital dilemmas.

About

Data Privacy and App (Resource) Approval

In today’s world of advancing online resources teachers, students, and parents are benefiting from an ever increasing wealth of tools to support teaching and learning, and the operations of the organization. The growth in these tools is extraordinary with great potential to improve outcomes. Along with this explosion in growth of online learning tools, comes the inherent risks of leakage of data and understandable concerns over privacy.

To accomplish the division’s mission and to comply with the law, the division may need to collect, create and store confidential information, including information regarding students, parents/guardians, employees, applicants for employment and others. The district will only do so when necessary and will take measures to keep this information confidential. Protecting this information is a priority and Fauquier County Public Schools (FCPS) is committed to maintaining strong privacy and security protections.

What is LearnPlatform?

FCPS is leveraging LearnPlatform to promote student data privacy compliance at the division, school and classroom level by:

  • Communicating what’s safe and approved for use division-wide or at the school-level
  • Standardizing how products are requested, reviewed, and approved
  • Building privacy compliance into edtech review and procurement processes
  • Sharing information on edtech use with parents and other stakeholders via the FCPS DIGITAL RESOURCE LIST button on the page.
  • Empowering more informed decision-making by aggregating privacy insights from trusted third parties.

Division Digital Resources

FCPS believes in the transparent use of data. Our Digital Resources page was established to share information with our staff, parents, students and community regarding the use of data and our commitment to data privacy.  This page includes a list of digital resources that have been evaluated or under evaluation by the division.  We feel that it is important that you not only know which resources have been approved, but also see which resources have been denied for division use and why. Any resource that uses student data is a priority concern.  The Division follows a process to ensure that all resources (software, applications and websites) are reviewed.

If a resource is not found in the list, then it will need to be submitted for review by the Digital Resource Approval team.

Logging into the LearnPlatform

There are resources used by staff that may not use or capture student data. These can be resources used by support staff, or classroom resources that do not require an account for a student or allow the student to upload content. It is still necessary for these resources to be submitted for review. The terms and conditions need to be evaluated as well as the technology infrastructure requirements. There are “free” resources that have terms that stated it is to only be used for personal use.

Submitting a Resource
If the resource is used with students, it is reviewed for appropriate instructional use, compliant with Children’s Online Privacy Protection Act (COPPA), Family Education Rights and Protection Act (FERPA) as well as Virginia policies to protect personally identifiable information of individuals before they are approved for use. To be approved, the vendor of the digital resource must either

  • Sign our data privacy agreement (when student information is involved), or
  • Be a signatory of the Student Privacy Pledge and signs the FCPS shortened privacy agreement (when student information is involved), or
  • Be vetted and approved by the FCPS privacy team, or
  • Not capture any personally identifiable information of students (e.g. students do not create an account nor do they upload content).

We will not allow the use of a digital resource by the submission of a parent consent form. The use of such a form removes FERPA rights for a parent/guardian. In addition, the permission form is required to

  • Specify the records that may be disclosed;
  • State the purpose of the disclosure;
  • Identify the party or class of parties to whom the disclosure may be made

Digital Resource Vendors – Expectations with Student Data

Digital Resource not Using Student Data

There are resources used by staff that may not use or capture student data. These can be resources used by support staff, or classroom resources that do not require an account for a student or allow the student to upload content. It is still necessary for these resources to be submitted for review. The terms and conditions need to be evaluated as well as the technology infrastructure requirements. There are “free” resources that have terms that stated it is to only be used for personal use.

Digital Resources Used with Student Data
If the resource is used with students, it is reviewed for appropriate instructional use, compliant with Children’s Online Privacy Protection Act (COPPA), Family Education Rights and Protection Act (FERPA) as well as Virginia policies to protect personally identifiable information of individuals before they are approved for use. To be approved, the vendor of the digital resource must either

  • Sign our data privacy agreement (when student information is involved), or
  • Be a signatory of the Student Privacy Pledge and signs the FCPS shortened privacy agreement (when student information is involved), or
  • Be vetted and approved by the FCPS privacy team, or
  • Not capture any personally identifiable information of students (e.g. students do not create an account nor do they upload content).

We will not allow the use of a digital resource by the submission of a parent consent form. The use of such a form removes FERPA rights for a parent/guardian. In addition, the permission form is required to containf

  • Specify the records that may be disclosed;
  • State the purpose of the disclosure;
  • Identify the party or class of parties to whom the disclosure may be made
The Vendor Will Not
  • collect, maintain, use or share Student personal identifiable information (PII) beyond that needed for authorized educational/school purposes, or as authorized by the parent/student;
  • sell student PII;
  • use or disclose student information collected through an educational/school service (whether personal information or otherwise) for behavioral targeting of advertisements to students;
  • build a personal profile of a student other than for supporting authorized educational/school purposes or as authorized by the parent/student;
  • make material changes to School Service Provider education privacy policies without first providing prominent notice to the users and/or account holder(s) (i.e., the institution/agency, or the parent/student when the information is collected directly from the student with student/parent consent) and allowing them choices before data is used in any manner inconsistent with terms they were initially provided; and not make material changes to other policies or practices governing the use of Student PII that are inconsistent with contractual requirements;
  • knowingly retain Student PII beyond the time period required to support the authorized educational/school purposes, or as authorized by the parent/student.
The Vendor Will
  • collect, use, share, and retain Student PII only for purposes for which we were authorized by the educational institution/agency, teacher or the parent/student.
  • disclose clearly in contracts or privacy policies, including in a manner easy for institutions and parents to find and understand, what types of Student PII we collect, if any, and the purposes for which the information we maintain is used or shared with third parties.
  • support access to and correction of Student PII by the student or their authorized parent, either by assisting the educational institution in meeting its requirements or directly when the information is collected directly from the student with student/parent consent.
  • maintain a comprehensive security program that is reasonably designed to protect the security, confidentiality, and integrity of Student PII against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.
  • provide resources to support educational institutions/agencies, teachers, or parents/students to protect the security and privacy of Student PII while using the educational service.
  • require that their vendors with whom Student PII is shared in order to deliver the educational service, if any, are obligated to follow these same commitments for the given Student PII.
  • allow a successor entity to maintain the Student PII, in the case of their merger or acquisition by another entity, provided the successor entity is subject to these same commitments for the previously collected Student PII.
  • incorporate privacy and security when developing or improving their educational products, tools, and services and comply with applicable laws.

Information

Privacy Resources

Student Data Privacy Consortium

The Student Data Privacy Consortium (SDPC) is an unique collaborative of schools, districts, regional, territories and state agencies, policy makers, trade organizations and marketplace providers addressing real-world, adaptable, and implementable solutions to growing data privacy concerns. 

Virginia belongs to the Consortium.

Student Privacy Compass

Student Privacy Compass is the student privacy resource center website. This site is your tool for finding information, news, and opinions on maintaining student data privacy. Student Privacy Compass is an initiative of the the Future of Privacy Forum.

Common sense media logo

Common Sense Media

The Common Sense Privacy Program evaluates privacy policies so that parents and teachers can make smart choices about the learning tools they use with their children and students, and so that schools and districts can participate in improving the technology used in K–12 classrooms.

CoSN - Protecting Privacy

Educators and policymakers are increasingly realizing the potential in using student data to make informed decisions. But even with all that potential, balancing technology advances with the need to protect student privacy and data is a major challenge. CoSN’s Protecting Privacy in Connected Learning initiative is here to help inform your efforts.

picture of book Protecting Student Privacy and a picture of author linnette attai

Webinar - Privacy in the Classroom

Technology Services, in coordination with CoSN, hosted a webinar with Linnette Attai on the topic  Privacy in the Classroom. Linnette is the founder of PlayWell LLC a compliance consulting firm helping companies and districts navigate regulations and best practices surrounding data privacy and user safety, as well as security, product development and marketing. She works with schools and youth groups, teaching stakeholders how to manage online privacy and safety, and serves as Project Director for CoSN’s Privacy Initiative and Trusted Learning Environment (TLE) program. FCPS is member of the CoSN Privacy Imitative team, and has participated in reviews of divisions that have submitted their application for the TLE Seal.


The presentation slide deck, and the video of the webinar are only available to staff of Fauquier County Public Schools.