There are many federal and state laws that protect and safeguard student data. These laws help ensure data is protected while still fostering a culture that uses data for continuous improvement.
CIPA requires K-12 schools and libraries receiving federal discounts for internet access to implement internet safety policies that prevent students from accessing inappropriate and/or harmful material and protect against the unauthorized disclosure, use, and dissemination of minor's personal information.
COPPA regulates how commercial entities may collect and use information collected online from children under the age of 13, including the rules about parental consent.
Federal law on the privacy of students' educational records, FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules they have to follow when accessing the data.
HIPAA establishes privacy and security rules regarding access to protected health information in certain kinds of health records, including health place, health care clearinghouses, and health care providers. When health information about a student appears in an education record, FERPA governs the protection of the data, not HIPPA
PPRA defines the rules states and districts must follow when administering tools like surveys, analyses, and evaluations funded by the US Department of Education to students. It requires parental consent to administer many tools and ensures school districts have policies in place regarding how the data collected through these tools can be used.
Adopted in 2015, The Student Online Personal Information Act governs how online service providers can collect, access, and use student data and prohibits online service providers from using student data for commercial or secondary purposes, while still allowing for personalized learning and service innovation and improvement. SOPIPA allows educators to use online services while still safeguarding student privacy.