Chancellor's Regulations
NYC DOE Chancellor's Regulations on Data Security
- Statute
- NYC DOE Chancellor's Regulations A-820 (records); D-130 (computer use)
- Regulations
- None specified
- Enacted / Last Major Amendment
- Various dates; updated periodically
- Jurisdictional Layer
- New York City (sub-state)
Summary
NYC-DOE-specific policies on confidentiality and release of student records, computer-related equipment use, and Internet safety. Applies fully to NYC-DOE-authorized charters; generally-applicable provisions reach Regents/SUNY-CSI charters operating in NYC.
School-side obligations
- Adopt data security policies aligned with NYC DOE standards
- Use NYC DOE-approved (or DOE-equivalent) Data Sharing Agreement template
- Submit vendor agreements to NYC DOE Data Sharing and Privacy Office for DOE-authorized charters
Vendor-side obligations
- Align with NYC DOE DPA template terms
- Some vendor categories require placement on DOE approved-vendor list
Breach notification
Follow NY Ed Law 2-d; NYC DOE adds internal reporting layer.
Enforcement
NYC DOE Office of Charter Schools for DOE-authorized; state framework otherwise.
NCSC AI Toolkit — Scanner Fields
These fields in the NCSC AI Toolkit derive from this statute:
is_nyc_doe_authorizedaligned_with_nyc_doe_dpa_template
Open Questions / Unsettled Law
- How much NYC DOE oversight binds non-DOE-authorized charters operating in NYC