The Student Online Personal Protection Act, or SOPPA, is the data privacy law that regulates student data collection and use by schools, the Illinois State Board of Education, and education technology (EdTech) vendors.
On August 23, 2019, Illinois Governor J.B. Pritzker signed into law a new version of SOPPA that gives parents greater control over student data. Among the changes is a new requirement to enact breach notifications that are available to the public.
SOPPA will also require Illinois school districts to provide additional guarantees that student data is protected when collected by EdTech companies and that data is used for beneficial purposes only. The law is effective on July 1, 2021.
What does it mean for you?
If you are a parent or guardian, you will have greater control over your child’s personal information. In many cases, SOPPA gives parents the right to inspect, correct, and delete their child’s data, regardless of whether it is held by a school or a third party EdTech vendor. Illinois schools will also be required to post on their web site the types of student data they share with EdTech vendors.
As a school we will be required to inform parents of the EdTech products in use in our classroom and ask for parental consent when appropriate. We will need to ensure the EdTech vendors chosen by staff are part of our approved vendors and have signed contracts with us.
Ensuring our scholars’ safety is critically important to Galapagos, and establishing protocols compliant with this legislation will enable us to do so consistently.
What’s next?
In preparation for the law going into effect on July 1, 2021, we are developing resources to support new requirements, protocols and regulations. These will include a portal to view data breach notifications and information about Galapagos vendors who receive scholar data.