2011 California Code
Education Code
TITLE 2. ELEMENTARY AND SECONDARY EDUCATION [33000 - 64100]
ARTICLE 5. Privacy of Pupil Records
Section 49079.6

(a) Commencing on July 1, 2010, and to the extent permissible under FERPA and its implementing regulations and Section 1798.24 of the Civil Code, the department may act on behalf of local educational agencies under FERPA, including providing access to and protecting the security of pupil data.

(b) Commencing on July 1, 2010, and to the extent permissible under FERPA and its implementing regulations, the department, on behalf of local educational agencies, may release pupil data to qualified researchers from nonprofit entities, pursuant to subdivision (t) of Section 1798.24 of the Civil Code.

(c) No earlier than July 1, 2010, the department shall establish an education data team within its staff to act as an institutional review board, whose composition and policies and procedures shall be in compliance with Part 46 of Title 45 of the Code of Federal Regulations, pursuant to subdivision (t) of Section 1798.24 of the Civil Code, and to review and respond to all requests for pupil data. The department, to the extent feasible, shall redirect department personnel for the purposes of the education data team rather than establish new positions.

(1) Pursuant to subdivision (t) of Section 1798.24 of the Civil Code, the education data team shall enter into a signed agreement with the Committee for the Protection of Human Subjects for the California Health and Human Services Agency to enable the education data team to provide the data security approvals required by Section 1798.24 of the Civil Code. The agreement shall authorize the education data team to release individually identifiable data to qualified researchers and other state and local agencies, as defined and permitted under federal and state law.

(2) The department shall commence preparations for the creation of the education data team upon enactment of the measure that adds this section.

(3) By July 1, 2010, the department shall develop appropriate policies and procedures for the education data team that shall include, but not be limited to, all of the following:

(A) Processes for all of the following:

(i) Application for access to data.

(ii) Response to applications for access to data, including timelines.

(iii) Appeal of denials for access to data.

(iv) Recording disclosure or redisclosure of personally identifiable information, pursuant to FERPA.

(B) Criteria to be used for approving the release of data, including, but not limited to, all of the following:

(i) The release of data to researchers from nonprofit organizations, pursuant to FERPA and subdivision (t) of Section 1798.24 of the Civil Code, that are conducting research for the purpose of improving instruction to pupils.

(ii) Limitations on data released, including, but not limited to, releasing to researchers only data necessary to meet research objectives.

(iii) The release of data from the department to another state educational agency with valid legal authority to conduct audit, evaluation, compliance, or enforcement analysis of educational materials, programs, outcomes, or activities, pursuant to FERPA and state law.

(C) (i) Any reasonable fees or charges that may be imposed upon research applicants to cover costs of responding to time-intensive requests.

(ii) Fees or charges imposed upon an applicant pursuant to this subparagraph shall not exceed the actual costs incurred by the department in responding to the applicant s request.

(iii) Fees or charges shall not be imposed pursuant to this subparagraph upon any state agency, except for fees or charges related to the release of data for research purposes to the University of California, the California State University, or the Chancellor of the California Community Colleges.

(D) Rules for data recipients regarding data control and destruction of data after use, to guard against any misuse of data, including third-party transfer.

(E) A written agreement that conforms to state and federal privacy and disclosure laws and regulations, and existing laws regarding data control and security, that shall be signed by any organization receiving data to conduct a study.

(d) A local educational agency may access data via CALPADS concerning pupils enrolled within the local educational agency or concerning pupils who intend or are directed to enroll, subject to the rights of parents as provided in Section 49068, within one local educational agency.

(e) In order to promote a culture of collaboration and data analysis and to increase the identification and sharing of effective practices, local educational agencies may share data with each other via CALPADS to the extent permissible under federal and state law.

(f) The department is responsible for data management decisions for the data under its jurisdiction. The department, rather than a local educational agency, shall be liable for its decisions relating to the management of data under its control according to applicable provisions of law. If the department and a local educational agency participate jointly in the management of data, both the department and the local educational agency shall be liable to the extent of their respective involvement according to applicable provisions of law. This subdivision does not limit the liability of a researcher who obtains data pursuant to this section and who releases that data in violation of either FERPA or its implementing regulations, or subdivision (t) of Section 1798.24 of the Civil Code.

(g) The department shall perform the duties specified in this section with its existing resources.

(h) This section shall remain in effect only until July 1, 2013, and as of January 1, 2014, is repealed, unless a later enacted statute, that is enacted before January 1, 2014, deletes or extends that date.

(i) It is the intent of the Legislature that, prior to extending or repealing the dates specified in subdivision (h), the appropriate policy committees of each house shall review and consider both of the following:

(1) Changes in federal law related to access to pupil data, including, but not limited to, the reauthorization of the federal Elementary and Secondary Education Act (20 U.S.C. Sec. 6301) and changes in FERPA.

(2) Any recommendations made by the working group convened pursuant to Section 2 of Chapter 561 of the Statutes of 2008.

(Added by Stats. 2010, 5th Ex. Sess., Ch. 1, Sec. 5. Effective April 12, 2010. Inoperative July 1, 2013. Repealed as of January 1, 2014, by its own provisions.)