Be Connected: Understanding the ISPA and SDPC Database Tools

With the SOPPA legislation going into effect on July 1, 2021, start learning how to manage and display your data agreements and other pertinent information using the Illinois Student Privacy Alliance (ISPA) and Student Data Privacy Consortium (SDPC) database tools.

Using the National Data Privacy Agreement for SOPPA Compliance

This session aims to provide an understanding of the National Data Privacy Agreement (NDPA) released early this year by the Student Data Privacy Consortium and a State Terms Exhibit G for Illinois in accordance with SOPPA and other Illinois regulations. The NDPA’s goals are to streamline application contracting and set common expectations between schools/districts and marketplace providers.

The Learning Technology Center of Illinois is the SDPC Alliance Member for Illinois which allows any school in Illinois to access the resources of the SDPC.

Reasonable Security Practices for Cybersecurity and Data Privacy in IL K-12

Student Online Personal Protection Act (SOPPA) requires Illinois school districts to maintain reasonable security procedures and practices. Chris Wherley, Director of Technology Services for the Learning Technology Center, identifies practices that schools should adopt to meet SOPPA legislation.

This webinar will also feature the Center for Internet Security (CIS) Controls and the use of the CIS Controls Implementation Groups (IG), specifically IG 1, to help guide securing and protecting our schools. Participants will experience a demonstration of the CIS Controls Self-Assessment Tool (CSAT), a tool to help track what has been done and what else can be done. For more information, visit https://csat.cisecurity.org/

Legal Issues in School District Cybersecurity

Join Attorney Brandon K. Wright of Miller, Tracy, Braun, Funk & Miller, Ltd. as he discusses and takes your questions regarding the most important legal issues that arise with school district cybersecurity, data privacy, and related concerns. Whether it is remote learning, in-person tech use, or catching up on work on the weekend, are you ready to legally protect your school district’s network?

Data and Security Summit

Doug Levin, the CEO and Founder of EdTech Strategies, kicked off the event by sharing his work tracking publicly school cybersecurity incidents as part of the K-12 Cyber Incident Map, driving home the point that schools across the county, including Illinois, are dealing with cybersecurity incidents.

Breakout sessions and whole group conversations throughout the day were facilitated by Ross Lemke, the Director of the U.S. Department of Education’s Privacy and Technical Assistance Center; Chris Hill, the Chief Information Security Officer for the Illinois Department of Innovation and Technology; and Chris Wherley, the Learning Technology Center’s Network and Technology Services Coordinator.

As the day progressed, common themes surfaced in many sessions: school districts are vulnerable, communication and planning is essential, and security is a shared responsibility between all district leaders and not just the technology staff.

In case you missed the events, here are the presentations and resources:

Among our favorite tools referenced are:

Illinois Student Privacy Alliance

link to access Illinois Student Privacy Alliance pageLink to request a district account for Illinois Student Privacy Alliance

The Learning Technology Center (LTC) formed the Illinois Student Privacy Alliance (ISPA) in partnership with the Access 4 Learning Community’s Student Data Privacy Consortium (SDPC). SDPC is a national collaborative of schools, districts, and state agencies that are working together to address growing student data privacy concerns by developing real-world, adaptable, and implementable solutions. The goal of the ISPA is to set standards of both practice and expectations around student privacy such that all parties involved have a common understanding of expectations. The LTC’s creation of ISPA also means that all PK-12 districts in Illinois are now able to use the resources provided by the SPDC without additional cost to the district.

The free membership to ISPA includes:

  • A statewide agreement that districts can use to ensure that the vendor is aware of and complies with Illinois’ student data privacy laws;
  • A searchable database of applications and vendors who have signed the statewide agreement with at least one school or district;
  • Full access to a clearinghouse of research and privacy effective practices; use cases and technical assistance guides; audit processes, checklists, and tools support;
  • Data governance and management modeling, and communities of practice between and among consortium members; and
  • Access to a community of schools, districts, states and marketplace providers dealing with the same issues you are.

More information on ISPA and SDPC is available at https://sdpc.a4l.org/view_alliance.php?state=IL. To join, visit https://sdpc.a4l.org/add_district_account.php?state=IL. Questions can be directed to Chris Wherley at cwherley@ltcillinois.org.