Skip to main content
California Department of Education Logo

Data Privacy

Laws, policies, and best practices related to both general and student data privacy at the California Department of Education. It provides data privacy information for parents, teachers, local education agencies, and the general public.
Privacy of Student Records Collected and Maintained by the California Department of Education
Statutory Authority

To meet its statutory responsibilities, the California Department of Education (CDE) collects and maintains personally identifiable information (PII) from the education records of California students. Such information may include the following:

  • Student’s name, identification number, address, race/ethnicity, gender, date of birth, place of birth, name and address of parent or guardian
  • Attendance data
  • Data regarding student progress, including grade level completed, school attended, course enrollment, academic work completed, and date of graduation
  • Standardized test scores
  • Disciplinary actions
  • Data regarding eligibility for, or participation in, school lunch programs
  • Data regarding eligibility for special education and special education services provided to the student
  • Data regarding eligibility for other compensatory programs and special program services provided to the student
The CDE adheres to the privacy requirements in the Family Educational Rights and Privacy Act (FERPA) of 1974, as amended (20 United States Code [U.S.C.] § 1232g; 34 Code of Federal Regulations [CFR] Part 99), The Richard B. Russell National School Lunch Act, as amended (42 U.S.C. § 2, 1751), the California Information Practices Act (California Civil Code Section 1798 et seq.), California Education Code (EC) Section 49062 et seq., Article 1, Section 1 of the California Constitution, and all other applicable federal and state laws and regulations that safeguard education records, privacy, and confidentiality.
Data Use

Data gathered by the CDE are used for many important purposes including:

Related CDE Resources
Outside Privacy Resources

The following is a list of data privacy resources developed and maintained outside of the CDE. While not vetted or endorsed by the CDE, these resources may provide assistance in understanding and navigating data privacy laws and issues.

  • Forum Guide to Education Data Privacy External link opens in new window or tab. – (PDF) This downloadable PDF was developed by the National Center for Education Statistics (NCES) Data Privacy Forum as a resource for state and local educational agencies (SEAs and LEAs) to use in assisting school staff in protecting the confidentiality of student data in instructional and administrative practices. SEAs and LEAs may also find the guide useful in developing privacy programs and related professional development programs.
  • Data Privacy Guidebook External link opens in new window or tab. – (PDF) This downloadable PDF developed by a collaboration of the California County Superintendents Educational Services Association (CCSESA), California Educational Technology Professionals Association (CETPA), and others provides tips and guidance for complying with student data privacy laws and best practices.
  • Family Policy Compliance Office (FPCO) External link opens in new window or tab. – The U.S. Department of Education’s (ED’s) FPCO provides students and parents with information related to the FERPA and the Protection of Pupil Rights Amendment (PPRA).
  • Privacy Technical Assistance Center (PTAC) External link opens in new window or tab. – The ED established the PTAC as a resource for education stakeholders to learn about data privacy, confidentiality, and security practices related to student data.
  • Student Privacy 101: FERPA for Parents and Students External link opens in new window or tab. (WMV) – This 4:03 minute video provides an overview of FERPA.
  • FERPA Sherpa Student Privacy Resource Center External link opens in new window or tab. – This resource developed and maintained by the nonprofit Future of Privacy Forum focuses on student data privacy and provides information from a variety of sources.
  • Protect Kids Online External link opens in new window or tab. – This is a resource developed by the Federal Trade Commission (FTC) to help parents/guardians understand and manage the risks associated with their child(ren)’s online presence.
  • Data Quality Campaign (DQC) External link opens in new window or tab. – The DQC is an advocacy group that focuses on data privacy issues.
  • Fair Information Practice Principles (FIPPs) External link opens in new window or tab. (PDF) – Exhibit A to the National Strategy for Trusted Entities in Cyberspace published by the National Institute of Standards and Technology (NIST). This document provides information on principles that many information technology (IT) professionals consider when evaluating systems, processes, and programs that will contain PII.
  • On Guard Online External link opens in new window or tab.  – This Web site, managed by the FTC in partnership with other federal agencies, provides tips to help citizens be safe, secure, and responsible online. A variety of tools for parents/guardians, educators, and the general public are provided.
  • Privacy Grade: Grading the Privacy of Smartphone Apps External link opens in new window or tab.  – Researchers from Carnegie Mellon University have developed this site to analyze and assign ratings to smartphone and tablet apps.
  • Special Publication 800-53, Revision 4 – Security and Privacy Controls for Federal Information Systems and Organizations External link opens in new window or tab.  (PDF) – This publication provides guidelines for selecting and specifying security controls for organizations and information systems supporting the executive agencies of the federal government to meet the privacy and security requirements of Federal Information Privacy Standards (FIPS) Publication 200.
  • Protecting Privacy in Connected Learning External link opens in new window or tab.  – This toolkit was developed by the Consortium of School Networking (CoSN) to help local educational agencies LEAs (in conjunction with their local legal counsel) navigate four major federal laws: FERPA, Children’s Online Privacy Protection Act (COPPA), Health Insurance Portability and Accountability Act (HIPAA) and the PPRA.
  • Model Notification of Rights for Elementary and Secondary Schools External link opens in new window or tab.  – This document is a sample form of the annual FERPA parental notification.
  • The Center for Digital Education’s “What Every K–12 Institution Should Look for in a Reference Architecture for Successful Private Cloud Deployment" External link opens in new window or tab. – This document provides the nonprofit Center for Digital Education’s suggested considerations for those LEAs who are contemplating cloud-based services.
Data Privacy Laws
Questions:   Educational Data Management Division/Education Data Office | | 916-319-0586
Last Reviewed: Monday, February 13, 2017
Trending in Data Privacy
  • Data Privacy (this page)
Recently Posted in Data Privacy
No items posted in the last 60 days.