These new standards require educational institutions and their third-party contractors to take a variety of steps to protect both institutional data and student data from potential outside cyber-threats, such as stealing data, holding information systems hostage and causing system disruptions.
The Law §2-d requires that each educational agency shall publish a parent’s bill of rights for data privacy and security. The law also requires that with each contract an educational agency enters with a third-party contractor, that receives personally identifiable information (PII), must contain a signed bill of rights and supplemental information. In turn, each educational agency will have to publish, on its website, the signed parent’s bill of rights and supplemental information to the bill of rights for each software contract.
The list of approved third-party contractors is shown below, with a link to each signed bill of rights.
* Note that this is the list of companies, not the list of software tools! If you are not able to find a product, (e.g. ReflexMath), go back to that product's log on page to determine it's company name (which for ReflexMath is "Explore Learning").