Data Security

As school systems increasingly seek to improve curricular and classroom experiences for learners, Vendor access to certain student data has become necessary. It has become equally important to ensure that vendors employ commercially reasonable methods to safeguard student data privacy. Accordingly, these student data privacy requirements apply to all vendors of software, applications, or services that require access to the Personally Identifiable Information “PII” of Essex County Public Schools (ECPS) students.

These student data privacy requirements represent standard terms and conditions for all vendors who require access to student data to provide services to the School System. In the event of a conflict between these Privacy Requirements and any license agreement with the Vendor, these Privacy Requirements control.

Data Privacy Agreement 

Vendor’s Certification

By agreeing to these Privacy Requirements, the Vendor certifies, under the penalties of perjury, that Vendor complies with all federal and state laws, regulations and rules as such laws may apply to the receipt, storing, maintenance or access to personal information, including without limitation, all standards for the protection of personal information of residents of the Commonwealth of Virginia and maintaining safeguards for personal information. Vendor hereby further certifies under penalties of perjury that it has a written comprehensive information security program and that Vendor shall fully comply with the provisions of the federal Family Educational Rights and Privacy Act, 20 U.S.C. §1232g and regulations disseminated thereunder and its Commonwealth of Virginia counterparts. Vendor further agrees to comply with all the mandates, protocols and practices established by these Privacy Requirements.