Data Privacy

Laws, policies, and best practices related to both general and student data privacy at the California Department of Education. It provides data privacy information for parents, teachers, local education agencies, and the general public.

Privacy of Student Records Collected and Maintained by the California Department of Education

Statutory Authority

To meet its statutory responsibilities, the California Department of Education (CDE) collects and maintains personally identifiable information (PII) from the education records of California students. Such information may include the following:

Student’s name, identification number, address, race/ethnicity, gender, date of birth, place of birth, name and address of parent or guardian
Attendance data
Data regarding student progress, including grade level completed, school attended, course enrollment, academic work completed, and date of graduation
Standardized test scores
Disciplinary actions
Data regarding eligibility for, or participation in, school lunch programs
Data regarding eligibility for special education and special education services provided to the student
Data regarding eligibility for other compensatory programs and special program services provided to the student

The CDE adheres to the privacy requirements in the Family Educational Rights and Privacy Act (FERPA) of 1974, as amended (20 United States Code [U.S.C.] § 1232g; 34 Code of Federal Regulations [CFR] Part 99), The Richard B. Russell National School Lunch Act, as amended (42 U.S.C. § 2, 1751), the California Information Practices Act (California Civil Code Section 1798 et seq.), California Business & Professions Code § 22584, California Education Code (EC) §§ 49062, 49073.1, 49073.6 et seq., section 49073.1, Article 1, Section 1 of the California Constitution, and all other applicable federal and state laws and regulations that safeguard education records, privacy, and confidentiality.

Data Use

Data gathered by the CDE are used for many important purposes including:

Calculating the California School Dashboard's Indicators of School Success (PDF)
Generating DataQuest reports about California schools and districts
Generating the CDE’s Downloadable Data Files
Providing fiscal, demographic, and performance data on California’s K-12 Schools for Ed Data
Calculating state and federal categorical funding disbursements via the Consolidated Application
Calculating Local Control Funding Formula apportionments
Administering Nutrition Services Programs

Related CDE Resources

Data Requests
Information on policies and procedures for requesting CDE data
Data Resource Guide
Catalog of the CDE’s data assets
FERPA Summary Page
Summary information and links to information regarding the FERPA
California Longitudinal Pupil Achievement Data System (CALPADS)
Information regarding the CDE’s longitudinal data system

Outside Privacy Resources

The following is a list of data privacy resources developed and maintained outside of the CDE. While not vetted or endorsed by the CDE, these resources may provide assistance in understanding and navigating data privacy laws and issues.

Houston Independent School District
This Web site offers both English and Spanish language content on various cyber safety topics (e.g., social media, cyber bullying, sexting, online gaming) for students, parents, and educators.
Common Sense Media Privacy and Internet Safety
This Web site provides age-based tips for protecting kids online
Common Sense Education EdTech Product Privacy Evaluations
This Web site provides privacy evaluations of over 100 commonly-used educational technology tools
The Privacy Paradox
This Web site features tools, tips, resources, podcast segments, and a 5 day program to help digital content consumers understand privacy and manage digital identity.
Forum Guide to Education Data Privacy (PDF)
This downloadable PDF was developed by the National Center for Education Statistics (NCES) Data Privacy Forum as a resource for state and local educational agencies (SEAs and LEAs) to use in assisting school staff in protecting the confidentiality of student data in instructional and administrative practices. SEAs and LEAs may also find the guide useful in developing privacy programs and related professional development programs.
Data Privacy Guidebook (PDF)
This downloadable PDF developed by a collaboration of the California County Superintendents Educational Services Association (CCSESA), California Educational Technology Professionals Association (CETPA), and others provides tips and guidance for complying with student data privacy laws and best practices.
Family Policy Compliance Office (FPCO)
The U.S. Department of Education’s (ED’s) FPCO provides students and parents with information related to the FERPA and the Protection of Pupil Rights Amendment (PPRA).
Privacy Technical Assistance Center (PTAC)
The ED established the PTAC as a resource for education stakeholders to learn about data privacy, confidentiality, and security practices related to student data.
Student Privacy 101: FERPA for Parents and Students (Video; 4:03)
This 4:03 minute video provides an overview of FERPA.
FERPA Sherpa Student Privacy Resource Center
This resource developed and maintained by the nonprofit Future of Privacy Forum focuses on student data privacy and provides information from a variety of sources.
Protect Kids Online
This is a resource developed by the Federal Trade Commission (FTC) to help parents/guardians understand and manage the risks associated with their child(ren)’s online presence.
Data Quality Campaign (DQC)
The DQC is an advocacy group that focuses on data privacy issues.
Fair Information Practice Principles (FIPPs) (PDF)
Exhibit A to the National Strategy for Trusted Entities in Cyberspace published by the National Institute of Standards and Technology (NIST). This document provides information on principles that many information technology (IT) professionals consider when evaluating systems, processes, and programs that will contain PII.
On Guard Online
This Web site, managed by the FTC in partnership with other federal agencies, provides tips to help citizens be safe, secure, and responsible online. A variety of tools for parents/guardians, educators, and the general public are provided.
Special Publication 800-53, Revision 4 – Security and Privacy Controls for Federal Information Systems and Organizations (PDF)
This publication provides guidelines for selecting and specifying security controls for organizations and information systems supporting the executive agencies of the federal government to meet the privacy and security requirements of Federal Information Privacy Standards (FIPS) Publication 200.
Protecting Privacy in Connected Learning
This toolkit was developed by the Consortium of School Networking (CoSN) to help LEAs (in conjunction with their local legal counsel) navigate four major federal laws: FERPA, Children’s Online Privacy Protection Act (COPPA), Health Insurance Portability and Accountability Act (HIPAA) and the PPRA.
Model Notification of Rights for Elementary and Secondary Schools
This document is a sample form of the annual FERPA parental notification.
The Center for Digital Education’s “What Every K–12 Institution Should Look for in a Reference Architecture for Successful Private Cloud Deployment"
This document provides the nonprofit Center for Digital Education’s suggested considerations for those LEAs who are contemplating cloud-based services.
Protecting Student Privacy While Using Online Educational Resources
This PTAC Web page provides guidance and resources for complying with privacy mandates and best practices while using educational technology in the classroom.