Student Online Personal Protection Act (SOPPA)

  • Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85).

    Watch below for a quick overview of what SOPPA entails: 

  • As described in the video, school districts must:

    1. Enter into written agreements with all K-12 service providers who collect student data. See our list of approved online resources.
    2. Implement and maintain reasonable security practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.
    3. Post all applicable documents online. See our list of approved online resources.
    4. Detail the process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE. Parents/guardians can request to review and correct any information maintained by the District or any online/application provider by contacting DPS 109's privacy officer, RJ Bialk.
  • Click here for our list of approved online resources.

Data Breaches

  • District 109 will post details here about data breaches involving 10% or more of the District's students, including the number of students whose covered information was involved in the breach, date of breach (or estimate) and operator name.