 |
ARIZONA STATE SENATE
Fifty-Fifth Legislature, First Regular Session
students; data; accessibility
Purpose
Grants county superintendents, the State Board of Education (SBE) and the Arizona State Board for Charter Schools (ASBCS) access to student-level data for students within their jurisdiction.
Background
Student-level data is all data elements compiled for each student necessary to the Arizona Department of Education (ADE) and the SBE for completion of statutory requirements relating to: 1) calculating funding for public education; 2) determining student academic progress measured by student testing programs; and 3) state and federal reporting requirements and other prescribed duties. Student-level data does not include unauthorized data elements related to student behavior, discipline, criminal history, medical history, religious affiliation, physical descriptors or family information (A.R.S. § 15-1042).
Statute requires ADE to allow access to student-level data for currently enrolled students to: 1) school districts; 2) career technical education districts; and 3) charter schools. Student-level data may not be updated unless the change is authorized by the district or charter school. Any disclosure of educational records must comply with the Family Educational Rights and Privacy Act (FERPA) (A.R.S. § 15-1043).
There is a potential fiscal impact to the state General Fund associated with this legislation due to incurred technology costs.
Provisions
1. Requires ADE to adopt policies that allow county school superintendents, the SBE and the ASBCS access to student-level data for students currently enrolled in a school that is within their jurisdiction.
2. Requires ADE to develop and publish policies, as defined by interagency data-sharing agreements, to comply with FERPA and other relevant privacy laws, including those that manage access to personally identifiable information to be implemented by ADE, county school superintendents, the SBE and the ASBCS.
3. Requires the ADE-developed policies to:
a) contain a detailed security plan that includes:
i. guidelines for authorizing access and authenticating authorization to systems housing the data;
ii. privacy compliance standards and security audits;
iii. security breach planning, notice, procedures and consequences;
iv. data retention and disposition policies, including criteria on how and when the data is destroyed; and
v. guidelines regarding data use and staff trainings;
b) ensure that written agreements involving the disclosure of student-level data that comply with the following:
i. minimum FERPA conditions;
ii. specify the purpose, scope and duration of the disclosure and information disclosed;
iii. require personally identifiable information to comply with the outlined scope;
iv. prohibit access to personally identifiable information by anyone outside of the organization; and
v. require the organization to destroy personally identifiable information that is no longer needed for the outlined purpose and specify when the information must be destroyed;
c) ensure that work products from the use of student-level data do not conflict with any state and federal reporting; and
d) provide access to student-level data through an online platform within the parameters of federal law pursuant to the written agreements with the consent of required parties.
4. Makes technical and conforming changes.
5. Becomes effective on the general effective date.
Prepared by Senate Research
February 12, 2021
JO/JP/gs