Student data is protected through comprehensive privacy policies and security measures such as firewalls, secure servers, intrusion detection software, and other methods.
Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by the educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85). In compliance, District 45 only collects information that directly relates to school activities and safeguards the privacy of students and confidentiality of student data.
Federal and State law govern the protection of student data, including school student records and/or covered information. The sale, rental, lease, or trading of any school student records or covered information by the District is prohibited. Protecting such information is important for legal compliance, District operations, and maintaining the trust of District stakeholders, including parents, students and staff. The Board designates the Superintendent to serve as Privacy Officer, who shall ensure the District complies with the duties and responsibilities required of it under the Student Online Personal Protection Act, 105 ILCS 85/, amended by P.A. 101-516, eff. 7-1-21.
District 45 values your child’s privacy and strives to ensure that parents are aware of what web-based tools and applications are being used for educational purposes. A list of D45 approved web-based tools, written agreements with operators, and a list of data elements shared can be found and reviewed here.
Parents have the right to inspect, review, and correct information maintained by the school, operator, and the Illinois State Board of Education. All requests should be directed to the District 45 Technology Department. Please email them at [email protected]
In the event that there is a data breach, District 45 notify parents via district communication systems within 30 days of a data breach and within 60 days if a third-party is responsible for the data breach.