Test Level 0
Level 0 Historical
Maintaining the security and privacy of student data is what sets the SCRIC apart from all other similar services. Districts retain control of their data while in the custody of the SCRIC.
Every SCRIC staff member is obligated to serve as a steward of data and information held by the RIC and to protect the security and privacy of information and information technology systems.
The Security and Privacy Principles below provide the guiding framework for decision making and management of security and privacy at the SCRIC.
– Only authorized individuals will have access to information.
– Information must be reliable and accurate.
– Information must be available when it is needed.
– Accountability for the security and privacy of information must be clearly defined within the RIC.
– RIC staff members and users of RIC services must be made aware of standards, expectations and policies adopted by the RIC for protecting the security and privacy of information.
– The management of security and privacy and the use of information must always be handled in an ethical manner.
– Security and privacy safeguards must be proportionate to the risks.Integration – Security and privacy standards are integrated into the processes of the SCRIC consistently and within a framework of established safeguards.
– RIC teams must respond in a timely and coordinated manner to prevent and effectively react to security and privacy breaches and threats.
– Security and privacy risks, controls and standards must be regularly reviewed and continuously improved.
– The rights and dignity of individuals will be preserved while carrying out security and privacy goals.
– Schools and individuals are informed about how their information will be used, disclosed and retained.
– The RIC will obtain consent, or allow for schools and individuals to opt out of the collection, use, disclosure and retention of information.
– The RIC will only collect information that is relevant and required to support school services or the purposes identified.
– The RIC will keep information only as long as required and will always dispose of all information in a manner that maintains confidentiality.
– Disclosure of information to third parties is strictly limited and only as approved by authorized school district staff.
– The RIC will always allow school districts and those that they authorize to access their data.
– The RIC is open to suggestions, complaints and disputes regarding privacy and security and maintains procedures for redress of grievances.
Data Service Support
NYS RIC Data Security & Privacy
SEDDAS Home with Quick Guides
SEDDAS Quick Start Guide
View text-based website