Student PRivacy and soppa

Meridian Charter Schools is committed to safeguarding our students’ data privacy. This section of our website is dedicated to providing transparency around our efforts and ensuring strict compliance with Illinois’ Student Online Personal Protection Act (SOPPA).

Reviewing the privacy policy and terms of service for each online provider is a key measure in safeguarding student information. It’s equally important to identify the third-party technologies active within the district and establish which providers have access to sensitive student data, allowing for proactive protection of student privacy.

What is SOPPA?

  • SOPPA, an Illinois state law, governs the privacy and security of student data when it is shared with or collected by educational technology companies. It regulates these companies, which provide online platforms, services, and mobile applications primarily for K–12 education.
  • Under SOPPA, these companies must adhere to specific prohibitions and responsibilities. The law prohibits companies from targeting advertisements to students, building profiles on them, selling or renting their information, or using their data except in restricted ways. Additionally, companies must comply with security standards for storing student data, delete data upon the school district’s request, and publish a clear privacy policy.
  • SOPPA also places obligations on school districts, such as establishing data-sharing agreements with many of these companies, and grants parents certain rights regarding their children’s data.
 

How Does Meridian Comply with SOPPA?

  • Under SOPPA, any company that designs, develops, and markets technology specifically for K–12 education and receives covered information from the District must sign a Data Sharing Agreement. This agreement specifies the data being shared, the reasons for its collection, and the methods for its use and protection. Additionally, these agreements include vendor attestations about their data security practices and outline specific actions to take in the event of a data breach. Typically, Data Sharing Agreements fall under the IL-NDPA (Data Privacy Agreement) and are documented in a publicly accessible workbook for reference. Please see the link referenced below for programs and agreements used at Meridian’s schools.
 

Guardian Rights:

Under Student Online Personal Protection Act (SOPPA), parents and guardians have the following rights beginning July 1, 2021:

  • Review and inspect the student’s covered information.
  • Request a paper or electronic copy of the student’s covered information from the school.
  • Seek corrections of factual inaccuracies in the student’s covered information, as permitted by state or federal laws.
  • Request the deletion of covered information, subject to applicable state or federal records laws.
  • Be informed about the authorized software being utilized in the classroom.
  • Provide consent for the use of authorized software as per established guidelines.
  • Receive notification from the district in the event of a breach involving covered information.

Third Party Privacy Agreements / Compliance:

  • Please use the following link to view a listing of all third party vendors. The table includes links to agreements that define SOPPA compliance and or an IL-NDPA which covers compliance.

For Additional inquiries please reach out to privacy@meridiancharterschools.org