EdTech CCS: What is a Data Privacy Agreement (DPA)?
A data privacy agreement is a legally binding contract between a data controller and a data processor, which defines how data will be used. In this case, the data controller is Carmel Clay Schools, while the data processor is any third-party vendor with whom data are shared.
For schools, a data privacy agreement establishes several key parameters that govern what a third-party vendor can do with data, including:
- Defining student data
- Designating the vendor as a school official under FERPA
- Establishing CCS ownership of the data
- Limiting the use of data to only services defined by the contract
- Requiring compliance with all applicable laws and regulations
- Prohibiting disclosure of the data
- Forbidding the use of data for advertising purposes
- Determining the data destruction process
The pivot to virtual learning during the pandemic accelerated the already rapidly growing number of EdTech tools in use nationwide. To help us navigate the thousands of tools available, CCS has a new partnership with Learn Platform, an EdTech effectiveness assessment service. We’ll be sharing more about Learn Platform in future posts.
Original source can be found here.