Req. No. 5816 Page 1 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
STATE OF OKLAHOMA
1st Session of the 58th Legislature (2021)
HOUSE BILL 1104 By: Vancuren
AS INTRODUCED
An Act relating to schools; amending Section 1,
Chapter 356, O.S.L. 2013, as amended by Section 1,
Chapter 33, O.S.L. 2015 (70 O.S. Sup p. 2020, Section
3-168), which relates to the Student Data
Accessibility, Transparency and Accountability Act of
2013; and modifying definition of student data to
include tribal affiliation and certain data related
to American Indian heritage .
BE IT ENACTED BY THE PEOPLE OF THE STATE OF OKLAHOMA:
SECTION 1. AMENDATORY Section 1, Chapter 356, O.S.L.
2013, as amended by Section 1, Chapter 33, O.S.L. 2015 (70 O.S.
Supp. 2020, Section 3-168), is amended to read as follows:
Section 3-168. A. This section shall be known and may be cited
as the "Student Data Accessibility, Transparency and Accountability
Act of 2013".
B. As used in this act:
1. "Board" means the State Board of Education;
2. "Department" means the State Dep artment of Education;
3. "Data system" means the Oklahoma State Department of
Education student data system;
Req. No. 5816 Page 2 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
4. "Aggregate data" means data collected and/or reported at the
group, cohort, or institutional level;
5. "De-identified data" means a student d ataset in which parent
and student identifying information, including the state -assigned
student identifier, has been removed;
6. "Student testing number" means the unique student identifier
assigned by the state to each student that shall not be or inclu de
the Social Security number of a student in whole or in part;
7. "Student data" means data collected and/or reported at the
individual student level included in a student's educational record.
a. "Student data" includes:
(1) state and national assessmen t results, including
information on untested public school students,
(2) course taking and completion, credits earned, and
other transcript information,
(3) course grades and grade point average,
(4) date of birth, grade level and expected
graduation date/graduation cohort,
(5) degree, diploma, credential attainment, and other
school exit information such as General
Educational Development and drop-out dropout
data,
(6) attendance and mobility,
Req. No. 5816 Page 3 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
(7) data required to calculate the federal four -year
adjusted cohort graduation rate, including
sufficient exit and drop-out dropout information,
(8) discipline reports limited to objective
information sufficient to produce the federal
Title IV Annual Incident Report,
(9) remediation,
(10) special education data,
(11) demographic data and program participation
information, including tribal affiliation and
other data associated with students who have been
identified as having American Indian heritage,
and
(12) military student identifier.
b. Unless included in a studen t's educational record,
"student data" shall not include:
(1) juvenile delinquency records,
(2) criminal records,
(3) medical and health records,
(4) student Social Security number, and
(5) student biometric information; and
8. "Military student identifie r" means a unique identifier for
each student whose parent or guardian is a member of the Armed
Forces of the United States, a reserve component of the Armed Forces
Req. No. 5816 Page 4 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
of the United States or the National Guard which will allow for the
disaggregation of each category.
C. The State Board of Education shall:
1. Create, publish and make publicly available a data inventory
and dictionary or index of data elements with definitions of
individual student data fields currently in the student data system
including:
a. any individual student data required to be reported by
state and federal education mandates,
b. any individual student data which has been proposed
for inclusion in the student data system with a
statement regarding the purpose or reason for the
proposed collection, and
c. any individual student data that the State Department
of Education collects or maintains with no current
purpose or reason;
2. Develop, publish and make publicly available policies and
procedures to comply with the federal Family Educa tional Rights and
Privacy Act (FERPA) and other relevant privacy laws and policies,
including but not limited to:
a. access to student and de -identified data in the
student data system shall be restricted to:
(1) the authorized staff of the State Departmen t of
Education and the Department's contractors who
Req. No. 5816 Page 5 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
require such access to perform their assigned
duties, including staff and contractors from the
Information Services Division of the Office of
Management and Enterprise Services assigned to
the Department,
(2) district administrators, teachers and school
personnel who require such access to perform
their assigned duties,
(3) students and their parents, and
(4) the authorized staff of other state agencies in
Oklahoma as required by law and/or defined by
interagency data-sharing agreements,
b. the State Department of Education shall use only
aggregate data in public reports or in response to
record requests in accordance with paragraph 3 of this
subsection,
c. the State Department of Education shall develop
criteria for the approval of research and data
requests from state and local agencies, the State
Legislature, researchers and the public:
(1) unless otherwise approved by the State Board of
Education, student data maintained by the State
Department of Educat ion shall remain
confidential, and
Req. No. 5816 Page 6 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
(2) unless otherwise approved by the State Board of
Education to release student or de -identified
data in specific instances, the Department may
only use aggregate data in the release of data in
response to research and d ata requests, and
d. notification to students and parents regarding their
rights under federal and state law;
3. Unless otherwise approved by the State Board of Education,
the State Department of Education shall not transfer student or de -
identified data deemed confidential under division (1) of
subparagraph c of paragraph 2 of this subsection to any federal,
state or local agency or other organization/entity outside of the
State of Oklahoma, with the following exceptions:
a. a student transfers out of sta te or a school/district
seeks help with locating an out -of-state transfer,
b. a student leaves the state to attend an out -of-state
institution of higher education or training program,
c. a student registers for or takes a national or
multistate assessment,
d. a student voluntarily participates in a program for
which such a data transfer is a condition/requirement
of participation,
Req. No. 5816 Page 7 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
e. the Department enters into a contract that governs
databases, assessments, special education or
instructional supports with a n out-of-state vendor,
f. a student is classified as "migrant" for federal
reporting purposes, or
g. a student with a military student identifier for
purposes of assisting the Department of Defense in
developing policy and military child education
initiatives;
4. Develop a detailed data security plan that includes:
a. guidelines for authorizing access to the student data
system and to individual student data including
guidelines for authentication of authorized access,
b. privacy compliance standards,
c. privacy and security audits,
d. breach planning, notification and procedures, and
e. data retention and disposition policies;
5. Ensure routine and ongoing compliance by the State
Department of Education with FERPA, other relevant privacy laws and
policies, and the privacy and security policies and procedures
developed under the authority of this act, including the performance
of compliance audits;
6. Ensure that any contracts that govern databases, assessments
or instructional supports that include studen t or de-identified data
Req. No. 5816 Page 8 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
and are outsourced to private vendors include express provisions
that safeguard privacy and security and include penalties for
noncompliance;
7. Notify the Governor and the Legislature annually of the
following:
a. new student data proposed for inclusion in the state
student data system:
(1) any new student data collection proposed by the
State Board of Education becomes a provisional
requirement to allow districts and their local
data system vendors the opportunity to meet the
new requirement, and
(2) the State Board of Education must submit any new
"provisional" student data collection to the
Governor and the Legislature for their approval
within one (1) year in order to make the new
student data a permanent requirement. Any
provisional student data collection not approved
by the Governor and the Legislature by the end of
the next legislative session expires and is no
longer required,
b. changes to existing data collections required for any
reason, including changes to federal repo rting
requirements made by the U.S. Department of Education,
Req. No. 5816 Page 9 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
c. an explanation of any exceptions granted by the State
Board of Education in the past year regarding the
release or out-of-state transfer of student or de -
identified data, and
d. the results of any and all privacy compliance and
security audits completed in the past year.
Notifications regarding privacy compliance and
security audits shall not include any information that
would itself pose a security threat to the state or
local student informa tion systems or to the secure
transmission of data between state and local systems
by exposing vulnerabilities; and
8. By July 1, 2016, include a military student identifier in
the state student data system.
D. The State Board of Education shall adopt ru les for the State
Department of Education to implement the provisions of the Student
Data Accessibility, Transparency and Accountability Act of 2013.
E. Upon the effective date of this act, any existing collection
of student data by the State Department o f Education and the
addition of a military student identifier to the student data
collected by the Department after the effective date of this act
shall not be considered a new student data collection in accordance
with subparagraph a of paragraph 7 of sub section C of this section.
Req. No. 5816 Page 10 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
F. Nothing in this act shall interfere with the State
Department of Education's compliance with the Educational
Accountability Reform Act.
58-1-5816 AMM 01/08/21