Membership in the Community and usage of the tools being used across the country, will fulfil the NY obligations to:
- Develop and implement a Data Security and Privacy Policy.
- Include it in every contract with a third-party contractor that receives PII.
- Mandate that all third-party contractors submit a Data Security and Privacy Plan for each contract to demonstrate how they will protect PII.
- Support the adoption the NIST Cybersecurity Framework as the standard for data privacy and security and meet the requirements to ensure they are adequately protecting PII.
The Community does not address the more state specific requirements around:
- Appoint a Data Protection Officer with appropriate knowledge, training, and experience to oversee data security and privacy.
- Conduct security training for educational agency employees.
- Publish a Parent’s Bill of Rights
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article