Data System Privacy
About Data Privacy
Data can be a powerful tool for students, families, and lawmakers when used correctly and with the necessary security and privacy practices in place.
Although data can be used to facilitate change and improvement, there is a need to balance the usefulness of this data with the privacy of the individuals represented by the data.
For more information on who uses student data, see the Data Quality Campaign’s infographic here.
The California Cradle-to-Career Data System (C2C) and Data Privacy
The purpose of C2C is to ensure citizens and families have equitable access to data to make informed decisions about their education and careers and ensure lawmakers and researchers have the information they need to inform policies and practices.
C2C is committed to protecting confidential records of all Californians. The Office of Cradle-to-Career Data does not collect data from students or families. It links and enables the public to gain insights from data that has already been collected and validated by its data partners.
C2C’s privacy policies and procedures follow state and federal laws such as the Family Educational Rights and Privacy Act (FERPA). Its data access and security protocols follow strict federal and state of California standards and best practice technology protocols.
C2C is committed to transparency in its data collections, storage, and disclosure policies and practices.
FAQ: C2C’s Data Privacy
The Data System and Your Rights
C2C does not collect or own your personal information included in the data system. C2C is charged with maintaining and linking data from statewide entities pursuant to the California Cradle-to-Career Data System Act (Education Code section 10860, et seq.). You have the right to inquire and/or inspect any of your personal information maintained by C2C and/or to request amendment of any inaccuracies in this information at the source of data collection.
To exercise your right to inquire and/or inspect your personal information that may be maintained by C2C, or to request correction of inaccuracies, please contact the source of data collection by reaching out to the privacy officer of C2C’s data partners below:
Bureau for Private Postsecondary Education:
bppe.privacy@dca.ca.gov
California Community Colleges:
Kathy Lynch, Deputy Council: klynch@CCCCO.edu
California Department of Education:
ISO@cde.ca.gov
California Student Aid Commission:
iso@csac.ca.gov
California State University:
Stephanie Honda, Director, CSU Privacy Program: privacy@calstate.edu
CSU Privacy Form
Commission on Teacher Credentialing:
California Department of Health Care Services:
Daniel Jordan, Branch Chief: Daniel.Jordan@dhcs.ca.gov
Department of Developmental Services:
PrivacyOfficer@dds.ca.gov
Department of Social Services:
piar@dss.ca.gov
DDS Privacy Forms
Employment Development Department:
Patricia Rey, Privacy Officer: Patricia.rey@edd.ca.gov
University of California:
Noelle Vidal, Healthcare Compliance and Privacy Counsel: Noelle.vidal@ucop.edu
April Sather, Chief Information Security Officer: April.Sather@ucop.edu
State and Federal Laws on Data Privacy
State
- California Consumer Privacy Act (CCPA) of 2018 and 2020 – California law increasing data privacy protections for California citizens with special provisions for children under 16 and ballot initiative that amends and expands privacy protections under the California Consumer Privacy Act of 2018.
- Student Online Personal Information Protection Act — California Business & Professions Code § 22584 – California law including provisions preventing marketing to students and their parents, requirements that student data only be used for specified educational purposes.
- California Public Records Act (PRA) – California Government Code §§ 7920.00 – 7931.00 – California law outlining conditions for requesting and receiving records held by public agencies.
- California Information Practices Act (IPA) – California Civil Code §§ 1798-1798.1 – California law outlining requirements for collecting and accessing information about public employees.
- Employment Records -Unemployment Insurance Code- §§ 1094, 1095– California law on limitations on disclosure of employee wage records
Federal
- Family Educational Rights and Privacy Act (FERPA) – 20 United States Code (U.S.C.) § 1232g – Federal law outlining rights and requirements related to accessing, sharing, and amending student records.
- Health Insurance Portability and Accountability Act of 1996 (HIPAA) – Federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed.
- Higher Education Act of 1965, as amended, §§ 483(a)(3)(E) – Federal law that limits the use of FAFSA application data without a student’s written consent.
- Federal-State Unemployment Compensation (Program)- 20 Code of Federal Regulations (CFR) States Code (U.S.C) §§ 603.9 and § 603.10– Federal regulations for disclosures of confidential UC information, including to a third party (other than an agent) or disclosures made on an ongoing basis; requirements for agreements for disclosures of confidential UC information.
- Privacy Act of 1974, as amended, 5 U.S.C. § 552a– Federal law establishing a code of fair information practices that governs the collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by federal agencies, including social security data.