Student Data Privacy - What you need to know.

With the adoption of General Statutes 10-234aa through 10-234dd (inclusive) schools, educators, and the organizations that interface with educational institutions in Connecticut have some very specific requirements to protect the student data.  What we (Educators and our Districts) have to do to be within compliance can be complex and nuanced.  It's our aspiration to offer guidance and clarity for how you can abide by these Statutes.

Resources

• Connecticut Department of Administrative Services Website - Offering your HUB for all elements related to the Statutes.
• CTEdTech - The Software Hub identifying Companies and Software which is within Compliance. 

Key points:

• A list of security-related policies and practices must be implemented by all parties in order to be within compliance with the Statutes. 
• Each Vendor must pledge to agree to abide by these policies and practices outlined in the General Statutes.

Questions:

Q:  How can I find out if my software, plugin, extension, website is on the approved list of software?  A:  Check the CTEdTech Hub!

Q:  How can I add the software, plugin, extension, website, etc to the approved list of software?  A:  Forward this letter to the Vendor encouraging them to join the CTEdTech Hub. You can also request directly through the platform by: (1) searching for the site you want to add, (2) hovering over the button for this site, (3) choosing "REQUEST".

Q:  Does my district need to have a signed agreement from the Developer or is the CTEdTech Hub good enough?  A:  Only the CTEdTech is needed for you and the Vendor to be within compliance of the Statutes.  (Source, the FAQ below)

Q:  What about sites that authenticate through Google Sign in, are they in compliance?  A:  Yes as no data beyond a validation token is provided to the Vendor!

Frequently Asked Questions (FAQ) published in February, 2022 by Doug Casey of the Connecticut Commission for Educational Technology (DAS) with an accompanied support video.