A. Any disclosure of educational records compiled by the department of education pursuant to this article shall comply with the family educational rights and privacy act (20 United States Code § 1232g).

Terms Used In Arizona Laws 15-1043

  • Affidavit: A written statement of facts confirmed by the oath of the party making it, before a notary or officer having authority to administer oaths.
  • Charter school: means a public school established by contract with the state board of education, the state board for charter schools, a university under the jurisdiction of the Arizona board of regents, a community college district or a group of community college districts pursuant to article 8 of this chapter to provide learning that will improve pupil achievement. See Arizona Laws 15-101
  • including: means not limited to and is not a term of exclusion. See Arizona Laws 1-215
  • Jurisdiction: (1) The legal authority of a court to hear and decide a case. Concurrent jurisdiction exists when two courts have simultaneous responsibility for the same case. (2) The geographic area over which the court has authority to decide cases.
  • School district: means a political subdivision of this state with geographic boundaries organized for the purpose of the administration, support and maintenance of the public schools or an accommodation school. See Arizona Laws 15-101
  • United States: includes the District of Columbia and the territories. See Arizona Laws 1-215

B. Student level data may not be updated unless the change is authorized by the school district, career technical education district or charter school.

C. The department of education shall adopt policies and procedures to both:

1. Allow access of student level data for currently enrolled students to all of the following:

(a) School districts.

(b) Career technical education districts.

(c) Charter schools.

2. Allow access of student level data to all of the following:

(a) County school superintendents for students currently enrolled in a school district located in the superintendent’s county of jurisdiction.

(b) The state board of education for students currently enrolled in a school district or charter school in this state.

(c) The state board for charter schools for students currently enrolled in a charter school sponsored by the state board for charter schools.

D. The department of education shall develop, publish and make publicly available policies and procedures to comply with the family educational rights and privacy act of 19 (20 United States Code § 1232g) and other relevant privacy laws and policies, including policies that manage access to personally identifiable information, to be implemented by the department of education, county school superintendents, the state board of education and the state board for charter schools pursuant to this section and as prescribed by interagency data-sharing agreements. The policies and procedures must comply with all of the following:

1. Contain a detailed data security plan that includes all of the following:

(a) Guidelines for authorizing access to the systems housing student level data and to individual student data, including guidelines for authenticating authorized access.

(b) Privacy compliance standards.

(c) Privacy and security audits.

(d) Security breach planning, notice and procedures.

(e) Data retention and disposition policies, which must include specific criteria for identifying when and how the data will be destroyed.

(f) Guidance for school districts, charter schools and staff regarding data use.

(g) Consequences for security breaches.

(h) Staff training regarding the guidelines.

2. Ensure that written agreements involving the disclosure of student level data to the department of education, county school superintendents, the state board of education and the state board for charter schools comply with all of the following:

(a) Meet the minimum conditions prescribed by the family educational rights and privacy act for exceptions to written parental consent as outlined in 20 United States Code § 1232g(b) and (h) through (j) and 34 C.F.R. § 99.31.

(b) Specify the purpose, scope and duration of the disclosure and the information to be disclosed.

(c) Require the organization to use personally identifiable information from educational records only to meet the purpose or purposes of the disclosure as stated in the written agreement.

(d) Require the organization to conduct the disclosure in a manner that does not allow access to the personally identifiable information of parents and students by anyone other than representatives of the organization with legitimate interests.

(e) Require the organization to destroy all personally identifiable information when the information is no longer needed for the purposes for which the disclosure was conducted and to specify the time period in which the information must be destroyed.

3. Ensure that any work products from the use of student level data by the department of education, county school superintendents, the state board of education or the state board for charter schools are not in conflict with any state and federal reporting that meets state and federal law.

4. Provide access to student level data through an online platform within the parameters of federal law and pursuant to the written agreements with the consent of the required parties.

E. This section does not apply to a homeschool student with an affidavit on file pursuant to section 15-802.

  Previous section
Next section  
 Article 8 Contents