Student Online Personal Protection Act (SOPPA)

  • Evanston Township High School District 202 takes the privacy and online safety of our students very seriously. We continue to closely guard the student data collected within our networks or by the online resources we use in our school.

    Effective July 1, 2021, all school districts are required by the Student Online Personal Protection Act (SOPPA) to provide additional assurance that student data is protected when collected by educational technology companies and that the data is used for beneficial purposes only. 

    Board Policy Manual Section 7.345: Use Of Educational Technologies; Student Data Privacy & Security

Video Overview of SOPPA

Student Covered Information

  • Right and Procedures for Reviewing Student Covered Information

    Parents may request to inspect and review their student’s covered information by contacting the D202 Data Privacy Officer.  Requests for reviewing records must be made in writing and include the date of the request, the parent’s name, address, phone number, student’s name, and the name of the school from which the request is being made. Parents will be required to provide proof of identity and relationship to the student before access to the covered information is granted.

    The District shall provide an electronic copy of the records within 45 days of receiving a request for the covered information.  If a parent requests a paper copy, the District will charge .35 cents per page.  No parent will be denied a paper copy due to an inability to pay.

    A parent may make a request to review and receive copies of covered information no more than two requests per student per quarter. 

    Parents may request corrections of factual inaccuracies contained in their student’s covered information. The District will review the request, determine if an inaccuracy exists, and if so, will make any necessary corrections within 90 days of the request.  If the correction needs to be made by the Illinois State Board of Education or a District’s vendor, any necessary corrections will also be made within 90 days of the request and the District will notify the parent of any necessary corrections within 10 days after receiving confirmation of the corrections.  

    If a parent requests the deletion of any covered information, the District will review the request to determine whether such a deletion would violate the law or result in the student being unable to participate in the District’s curriculum. 

    Parents may also consult the District’s procedures on reviewing and challenging student records if the covered information also constitutes student records.

District 202 Approved Online Resources

  • ETHS maintains a list of all District approved online resources that fall under SOPPA compliance.  The list includes the online services or applications that the District uses, the contracts signed by the District, and any data collected by those tools or by the District. 

    In compliance with state law and federal law, and in order to confirm that appropriate safeguards are in place when sharing student data and information, ETHS has entered into data-sharing agreements with its K-12 educational technology vendors and has reviewed the privacy policies of all of its other vendors. A list of the ETHS-approved data-sharing agreements can be found on the SDPC Resource Registry. 

    Teachers and Staff at ETHS must fill out an online form in order to request the District's Data Privacy Officer verify if an application or tool is SOPPA compliant. The District regularly updates and verifies applications and tools.

Data Breaches

  • ETHS D202 will post details on the website about data breaches involving 10% or more of the District's students, including the number of students whose covered information was involved in a breach, date of breach (or estimate), and operator name.