Skip To Main Content

Student Data & Privacy

District 47 is dedicated to protecting the confidentiality of student data and ensuring their online safety, including implementing safeguards on the online resources used in schools.


Children's Online Privacy Protection Act (COPPA)

In order to create accounts for our students on select tools and applications, we must comply with federal regulations requiring parental consent, including the Children’s Online Privacy Protection Act (COPPA). Pursuant to COPPA, web-based tools and applications must notify parents and obtain verifiable parental consent before collecting personal information from children under 13 years of age.
Children's Online Privacy Protection Act (COPPA)

D47 SOPPA approved web apps & privacy agreements 

Student Online Personal Protection Act (SOPPA)

District 47 is a member of the Illinois Student Privacy Alliance

Effective July 1, 2021, school districts will be required by the Student Online Personal Protection Act (SOPPA) to provide additional guarantees that student data is protected when collected by educational technology companies, and that data is used for beneficial purposes only (105 ILCS 85). SOPPA applies to all Illinois school districts, the Illinois State Board of Education, and operators of online services and applications. 

SOPPA requires that school districts must:

  • Enter into written agreements with all K-12 service providers who collect student data. 
  • Implement and maintain reasonable security practices. Agreements with vendors in which information is shared must include a provision that the vendor maintains reasonable security procedures and practices.
  • Post on their website: 
    • A list of all operators of online services or applications utilized by the district (annually)
    • All data elements that the school collects, maintains, or discloses to any person, entity, third party, or governmental agency (annually). 105 ILCS 85/27(a)(1), added by P.A. 101-516, eff. 7-1-21. This information must also explain how the school uses the data, and to whom and why it discloses the data. (Data elements can be found by hovering over the image on the far right (Under Data) of each operator listed)
    • Contracts for each operator within 10 days of signing. 
    • Subcontractors for each operator (annually). 
    • The process for how parents can exercise their rights to inspect, review and correct information maintained by the school, operator, or ISBE. Parents can contact techsupport@d47.org if they wish to inspect, review, or correct information held in D47 databases.
    • Data breaches within 10 days and notify parents within 30 days. Should a data breach occur, parents will be notified via the Blackboard notification system and a list of breaches of covered information maintained by the school or operator involving 10% or more of the District's student enrollment will be posted on this page, including:
      • Number of students whose covered information was involved in the breach, unless the breach involved personal information as defined in the Personal Information Protection Act, 815 ILCS 530/5, in which case the number of students involved may not be disclosed.
      • Date, estimated date, or estimated date range of each breach
      • Name of the operator, in applicable
      • Per 105 ILCS 85/27(a)(5), added by P.A. 101-516, eff. 7-1-21. The District must update breach information by Jan. 31 and July 31 each year, and it must remain on the District's website for at least five years after the District adds it to the list.
    • Create a policy for who can sign contracts with operators. See Board Policy 7:345.

This page contains links to documents that are in Adobe's PDF format.  If you have accessibility needs that make it difficult for you to access and/or interpret information in PDF format, please call 815-788-5014 or email communications@d47.org, and we will be happy to assist you.