Student Data Privacy FAQ
How does LCPS protect the privacy of student information ?
LCPS protects the privacy of student information by:
- ensuring compliance with laws of both the commonwealth of Virginia and the federal government;
- providing continual staff development on student privacy and the various laws that protect access to student information;
- ensuring applications that are educationally relevant are vetted;
- requiring partner/vendor contracts to include a Data Privacy Agreement; and
- auditing and monitoring access to databases, controlling how information is distributed to those with a legitimate educational interest, and implementing Data Loss Prevention (DLP) tools.
What is considered directory information ?
Directory information is defined as the following: name and address of student and parent(s) or guardian(s), telephone listing(s), electronic mail addresses or other electronic contact information of parents or guardians, date and place of birth, participation in officially recognized activities and sports, height and weight if member of athletic team, dates of attendance and grade level, awards and honors received, student ID, and other similar information specified by administrative regulation.
Who has access to LCPS student information ?
Educational records are accessible by school officials with a legitimate educational interest.
More information is available in the Student Rights and Responsibilities Handbook and in School Board
Policy 8610 and Policy 8640 and LCPS Information Security Regulation 3065.
Do you market my child's information ?
LCPS does not market any student information. Vendors are required to sign a Data Privacy Agreement as part of the contracting process.
How does LCPS determine what sites are educationally relevant for my child ?
The Department of Instruction determines educationally relevant resources for students, taking into consideration developmental factors, age and content appropriateness, and all resources must comply with the LCPS Responsible/Acceptable Use Policy (RUP/AUP) and School Board Policies.
What can I opt out of ?
You have the option to choose whether your student’s directory information is released or not.
If you desire to limit the disclosure of your child’s directory information, you may do so by
following the process explained in the Student Rights and Responsibilities Handbook (log onto
Does a document need to identify a student by name in order to be an education record ?
No, a document can be considered personally identifiable information (PII) for example, without identification of the student by name. A personal identifier includes any personal characteristics that would make the student’s identity easily traceable. For example, a student ID number, social security number, their initials, or other equally unique identifiers.
Children's Online Privacy Protection Act (COPPA)
The primary goal of COPPA is to place parents in control over what information is collected from their young children online. The Rule was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13. The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children.
If you have questions about COPPA please visit this site:
FTC.gov site on Children's Privacy
Family Educational Rights and Privacy Act (FERPA)
The Family Educational Rights and Privacy Act (FERPA) is a federal law that affords parents the right to have access to their children’s education records, the right to seek to have the records amended, and the right to have some control over the disclosure of personally identifiable information from the education records. When a student turns 18 years old, or enters a postsecondary institution at any age, the rights under FERPA transfer from the parents to the student (“eligible student”). The FERPA statute is found at 20 U.S.C. § 1232g and the FERPA regulations are found at 34 CFR Part 99.
Education records are records that are directly related to a student and that are maintained by an educational agency or institution or a party acting for or on behalf of the agency or institution. These records include but are not limited to grades, transcripts, class lists, student course schedules, health records (at the K-12 level), student financial information (at the postsecondary level), and student discipline files. The information may be recorded in any way, including, but not limited to, handwriting, print, computer media, videotape, audiotape, film, microfilm, microfiche, and e-mail.
FERPA allows the public release of some personally identifiable student information as school directory information.
If you have questions about FERPA please visit this site:
U.S. Department of Education site for parents on FERPA
Personally Identifiable Information (PII)
PII refers to any data or information about students collected by schools, districts, government agencies, or organizations and companies working with schools that might reveal the identity or personal information of specific students or that could allow someone to indirectly track down the identity or personal information of students. A school may disclose PII from the education records of a student without obtaining prior written consent of the parents or the eligible student under certain circumstances.
If you have questions about PII, please visit this site:
U.S. Department of Education site on PII
Virginia Law on student data privacy