Skip to main content Skip to office menu Skip to footer
Capital IconMinnesota Legislature

HF 2899

as introduced - 89th Legislature (2015 - 2016) Posted on 03/10/2016 03:31pm

KEY: stricken = removed, old language.
underscored = added, new language.
Line numbers 1.1 1.2 1.3 1.4 1.5
1.6 1.7 1.8 1.9 1.10 1.11 1.12 1.13 1.14 1.15 1.16 1.17 1.18 1.19 1.20 1.21 1.22 1.23 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11 2.12 2.13 2.14 2.15 2.16 2.17 2.18 2.19 2.20 2.21 2.22 2.23 2.24 2.25 2.26 2.27 2.28 2.29 2.30 2.31 2.32 2.33 2.34 2.35 2.36 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18
3.19 3.20 3.21 3.22 3.23 3.24 3.25 3.26 3.27 3.28 3.29 3.30 3.31 3.32 3.33 3.34 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14 4.15 4.16 4.17 4.18 4.19 4.20 4.21 4.22 4.23 4.24 4.25 4.26 4.27 4.28 4.29 4.30 4.31 4.32 4.33 4.34 4.35 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 5.9 5.10 5.11 5.12 5.13 5.14 5.15 5.16 5.17 5.18 5.19 5.20 5.21 5.22 5.23 5.24 5.25 5.26 5.27 5.28 5.29 5.30 5.31 5.32 5.33 5.34 5.35 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11 6.12 6.13 6.14 6.15 6.16 6.17 6.18 6.19 6.20 6.21 6.22 6.23 6.24 6.25 6.26 6.27 6.28 6.29 6.30 6.31 6.32 6.33 6.34 6.35 6.36 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 7.11 7.12 7.13 7.14 7.15 7.16 7.17 7.18 7.19 7.20 7.21 7.22 7.23 7.24 7.25 7.26 7.27 7.28 7.29 7.30 7.31 7.32 7.33 7.34 7.35 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 8.10 8.11 8.12 8.13 8.14 8.15 8.16 8.17 8.18 8.19 8.20 8.21 8.22 8.23 8.24 8.25 8.26 8.27 8.28 8.29 8.30 8.31 8.32 8.33 8.34 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 9.10 9.11 9.12 9.13 9.14 9.15 9.16 9.17 9.18 9.19 9.20 9.21 9.22 9.23 9.24 9.25 9.26 9.27 9.28 9.29 9.30 9.31 9.32 9.33 9.34 9.35 10.1 10.2 10.3 10.4 10.5 10.6 10.7 10.8 10.9 10.10 10.11 10.12 10.13 10.14 10.15
10.16 10.17 10.18 10.19
10.20 10.21 10.22 10.23 10.24 10.25 10.26 10.27 10.28 10.29 10.30 10.31 10.32 10.33
11.1 11.2 11.3 11.4 11.5 11.6 11.7
11.8 11.9

A bill for an act
relating to data privacy; protecting student privacy with respect to electronic data
in student information systems; providing penalties; proposing coding for new
law in Minnesota Statutes, chapter 125B.

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:

Section 1.

new text begin [125B.40] DEFINITIONS.
new text end

new text begin (a) For the purposes of sections 125B.40 to 125B.44, the following terms have
the meanings given them.
new text end

new text begin (b) "Aggregate data" means student-related data collected and reported by an
educational institution at the group, cohort, or institutional level that contains no
personally identifiable student information.
new text end

new text begin (c) "De-identified" means having removed or obscured any personally identifiable
information from personally identifiable student information in a manner that prevents
the unintended disclosure of the identity of the student or information about the student.
Information shall not be considered de-identified if it meets the definition of "personally
identifiable student information" in paragraph (j).
new text end

new text begin (d) "Educational institution" means:
new text end

new text begin (1) a private or public school, institution, or school district, or any subdivision
thereof, that offers participants, students, or trainees an organized course of study or
training that is academic, trade-oriented, or preparatory for gainful employment, as well as
school employees acting under the authority or on behalf of an educational institution; or
new text end

new text begin (2) a state or local educational agency authorized to direct or control an entity in
clause (1).
new text end

new text begin (e) "Educational record" means an educational record as defined in United States
Code, title 20, section 1232g(a)(4).
new text end

new text begin (f) "Education research" means the systematic gathering of empirical information to
advance knowledge, answer questions, identify trends, or improve outcomes within the
field of education.
new text end

new text begin (g) "Elementary school" means the grade levels falling under the definition of
"elementary school," as that term is interpreted by state law for purposes of section 9101
of the Elementary and Secondary Education Act of 1965, United States Code, title 20,
section 7801 et seq.
new text end

new text begin (h) "Law enforcement official" means an officer or employee of any agency or
authority of the state of Minnesota, or a political subdivision or agent thereof, who is
empowered by law to investigate or conduct an official inquiry into a potential violation of
law, make arrests, or prosecute or otherwise conduct a criminal, civil, or administrative
proceeding arising from an alleged violation of law.
new text end

new text begin (i) "Opt-in agreement" means a discrete, verifiable, written, or electronically
generated agreement by which, subject to the provisions of sections 125B.40 to 125B.44,
a student or the student's parent or legal guardian voluntarily grants a school employee,
SIS provider, or 1-to-1 device provider with limited permission to access and interact with
a specifically defined set of personally identifiable student information.
new text end

new text begin (j) "Personally identifiable student information" means one or more of the following:
new text end

new text begin (1) a student's name;
new text end

new text begin (2) the name of a student's parent, legal guardian, or other family member;
new text end

new text begin (3) the address of a student or student's parent, legal guardian, or other family
member;
new text end

new text begin (4) a photograph, video, or audio recording that contains the student's image or voice;
new text end

new text begin (5) indirect identifiers, including but not limited to a student's date of birth, place of
birth, mother's maiden name, Social Security number, student number, biometric record,
telephone number, credit card account number, insurance account number, financial
services account number, customer number, persistent online identifier, e-mail address,
social media address, or other electronic address;
new text end

new text begin (6) any aggregate or de-identified student data that is capable of being disaggregated
or reconstructed to the point that individual students can be identified; and
new text end

new text begin (7) any student data or other information that, alone or in combination, is linked or
linkable to a specific student that would allow a reasonable person, who does not have
personal knowledge of the relevant circumstances, to identify a specific student with
reasonable certainty.
new text end

new text begin (k) "School employee" means an individual who is employed by an educational
institution, compensated through an annual salary or hourly wage paid by an educational
institution, and whose services are primarily rendered at a physical location which is
owned or leased by that educational institution. For purposes of sections 125B.40 to
125B.44, individuals with law enforcement or school security responsibilities, including
school resource officers, school district police officers, contract or private security
companies, security guards, or other law enforcement personnel are not school employees.
new text end

new text begin (l) "SIS provider" means an entity that sells, leases, provides, operates, or maintains
a student information system for the benefit of an educational institution.
new text end

new text begin (m) "Student" means any student, participant, or trainee, whether full time or part
time, in an organized course of study at an educational institution.
new text end

new text begin (n) "Student data" means data that is collected and stored by an educational
institution, or by a person or entity acting on behalf of that institution, and included in a
student's educational record.
new text end

new text begin (o) "Student information system" or "SIS" means a software application or
cloud-based service that allows an educational institution to input, maintain, manage, or
retrieve student data or personally identifiable student information, including applications
that track or share personally identifiable student information in real time.
new text end

Sec. 2.

new text begin [125B.41] STUDENT INFORMATION SYSTEMS.
new text end

new text begin Subdivision 1. new text end

new text begin Student information system contracts; requirements;
prohibitions.
new text end

new text begin (a) Any contract or other agreement between an educational institution and
an SIS provider pursuant to which the SIS provider sells, leases, provides, operates, or
maintains an SIS for the benefit of the educational institution shall expressly authorize
and require the SIS provider to:
new text end

new text begin (1) establish, implement, and maintain appropriate security measures, consistent
with current best practices, to protect the student data and personally identifiable student
information the SIS provider creates, sends, receives, stores, and transmits in conjunction
with the operation of the student information system;
new text end

new text begin (2) acknowledge that no data stored on the student information system is the
property of the SIS provider;
new text end

new text begin (3) establish and implement policies and procedures for responding to data breaches
involving the unauthorized acquisition of or access to any personally identifiable student
information on the student information system. Such policies and procedures, at a
minimum, shall:
new text end

new text begin (i) require notice be provided by the SIS provider to any and all affected parties,
including educational institutions, students, and students' parents and legal guardians,
within 30 days of the discovery of the breach;
new text end

new text begin (ii) require the notice to include a description of the categories of sensitive personally
identifiable information that was, or is reasonably believed to have been, accessed or
acquired by an unauthorized person;
new text end

new text begin (iii) require the notice to provide a procedure by which affected parties may learn
what types of sensitive personally identifiable information the SIS provider maintained
about the affected individual; and
new text end

new text begin (iv) satisfy all other applicable breach notification standards established under state
or federal law;
new text end

new text begin (4) permanently delete all data stored on the student information system, and
destroy all nondigital records containing any personally identifiable student information
retrieved from the student information system, within 90 days of the termination of the
SIS provider's contact with the educational institution, except where the SIS provider and
the person authorized to sign a valid opt-in agreement pursuant to subdivision 2 mutually
agree the SIS provider will retain specifically identified data or nondigital records for
the student's benefit. Prior to deletion, if requested by the educational institution, the
terminated SIS provider shall transfer a designated portion or all of the data stored on
the student information system to another designated SIS provider at the educational
institution's expense; and
new text end

new text begin (5) comply with all the applicable obligations and restrictions established for SIS
providers in sections 125B.40 to 125B.44.
new text end

new text begin (b) A contract or other agreement under paragraph (a) shall expressly prohibit the
SIS provider from:
new text end

new text begin (1) analyzing, interacting with, sharing, or transferring any student data or personally
identifiable student information the educational institution inputs into or otherwise
provides to the student information system unless:
new text end

new text begin (i) permission to do so has been granted under an opt-in agreement under subdivision
2;
new text end

new text begin (ii) the SIS provider analyzes or interacts with the student data or personally
identifiable student information:
new text end

new text begin (A) in order to meet a contractual obligation to the educational institution; and
new text end

new text begin (B) any analysis of or interaction with the data or information is limited to meeting
that contractual obligation;
new text end

new text begin (iii) the SIS provider analyzes or interacts with the student data or personally
identifiable student information:
new text end

new text begin (A) in response to a specific request made by an educational institution; and
new text end

new text begin (B) any data or information produced as a result of the analysis or interaction is
limited to the educational purpose for which it was sought;
new text end

new text begin (iv) the educational institution determines, and documents in writing, that sharing
specific student data or personally identifiable student information is necessary to
safeguard students' health or safety while students are traveling to or from the educational
institution, are on the educational institution's property, or are participating in an event or
activity supervised by the educational institution;
new text end

new text begin (v) at the request of the educational institution, the SIS provider de-identifies or
aggregates student data or personally identifiable student information for the purpose of:
new text end

new text begin (A) enabling the educational institution to comply with federal, state, or local
reporting and data-sharing requirements; or
new text end

new text begin (B) education research; or
new text end

new text begin (vi) the data is accessed by the SIS provider for the exclusive purpose of testing and
improving the value and performance of its student information system for the benefit of
the educational institution. Where data is accessed to test and improve student information
system value and performance:
new text end

new text begin (A) any copied data shall be permanently deleted within 60 days of the date the
copy was created; and
new text end

new text begin (B) any data analysis that contains personally identifiable student information shall
be permanently deleted within 60 days of the date the analysis was created;
new text end

new text begin (2) selling any student data or personally identifiable student information stored on
or retrieved from the student information system unless it is sold as part of a sale or merger
of the entirety of the SIS provider's business. Upon such a sale or merger, the provisions
of sections 125B.40 to 125B.44, and any relevant contracts or agreements, shall apply
fully to the new purchasing or controlling person or entity; and
new text end

new text begin (3) using any student data or personally identifiable student information stored on or
retrieved from the student information system to inform, influence, or guide marketing or
advertising efforts directed at a student, a student's parent or legal guardian, or a school
employee, except pursuant to a valid opt-in agreement; and
new text end

new text begin (4) using any student data or personally identifiable student information stored on or
retrieved from the student information system to develop, in whole or in part, a profile of a
student or group of students for any commercial or other noneducational purposes.
new text end

new text begin Subd. 2. new text end

new text begin Opt-in agreements. new text end

new text begin (a) A valid opt-in agreement shall identify, with
specificity:
new text end

new text begin (1) the precise subset of personally identifiable student information in the
student information system, which may include student attendance records and student
disciplinary records, as to which the SIS provider is being granted authority to access,
analyze, interact with, share, or transfer;
new text end

new text begin (2) the name of the SIS provider to whom the authority to access, analyze,
interact with, share, or transfer personally identifiable student information in the student
information system is being granted;
new text end

new text begin (3) the educational purpose for which the authority to access, analyze, interact with,
share, or transfer personally identifiable student information is being granted; and
new text end

new text begin (4) the individual student to whom the opt-in agreement applies.
new text end

new text begin (b) An opt-in agreement shall only be valid if it has been signed by:
new text end

new text begin (1) the student's parent or guardian, if the student is in elementary school;
new text end

new text begin (2) the student and the student's parent or legal guardian, if the student has advanced
beyond elementary school but has not yet reached the age of majority; or
new text end

new text begin (3) the student alone, if the student has reached the age of majority.
new text end

new text begin (c) A valid opt-in agreement may authorize an SIS provider to share or transfer
personally identifiable student information to another person or entity only where:
new text end

new text begin (1) the purpose of the transfer of the personally identifiable student information is
to benefit:
new text end

new text begin (i) the operational, administrative, analytical, or educational functions of the
educational institution, including education research; or
new text end

new text begin (ii) the student's education;
new text end

new text begin (2) the subset of personally identifiable student information to be shared or
transferred is identified with specificity in the opt-in agreement;
new text end

new text begin (3) the person or entity to whom the personally identifiable student information is
being shared or transferred is identified with specificity in the opt-in agreement;
new text end

new text begin (4) the benefit to the educational institution or student is identified with specificity in
the opt-in agreement; and
new text end

new text begin (5) for each student, a record of what specific personally identifiable student
information pertaining to that student was shared or transferred, when it was shared or
transferred, and with whom it was shared or transferred is appended to the student's record.
new text end

new text begin (d) Any person or entity that accesses or takes possession of any student data or
personally identifiable student information under subdivision 1, paragraph (b), clause (1),
item (i); or clause (2), shall be subject to the same restrictions and obligations under this
section as the SIS provider from which the student data or personally identifiable student
information was obtained.
new text end

new text begin (e) An opt-in agreement shall not be valid if it grants general authority to access,
analyze, interact with, share, or transfer a student's personally identifiable student
information in a student information system.
new text end

new text begin (f) Except as authorized in this section, no SIS provider, school employee, or other
person or entity who receives personally identifiable student information, directly or
indirectly, from a student information system pursuant to an opt-in agreement may share,
sell, or otherwise transfer such information to another person or entity.
new text end

new text begin (g) An opt-in agreement may be revoked at any time, upon written notice to an
educational institution, by the person eligible to authorize an opt-in agreement under
paragraph (b). Within 30 days of such a revocation, notice to the SIS provider shall be
provided by the educational institution.
new text end

new text begin (h) An SIS provider that accesses, analyzes, interacts with, shares, or transfers
personally identifiable student information to another person or entity shall bear the
burden of proving that it acted pursuant to a valid opt-in agreement.
new text end

new text begin (i) No educational benefit may be withheld from, or punitive measure taken against,
a student or the student's parent or legal guardian based in whole or in part upon a decision
not to sign, or to revoke, an opt-in agreement.
new text end

new text begin Subd. 3. new text end

new text begin School employees. new text end

new text begin (a) Subject to written authorization from the
educational institution, school employees may access and interact with student data and
personally identifiable student information on a student information system in furtherance
of their professional duties. Notwithstanding any other provisions in this section, no
school employee may receive authorization to access and interact with student data or
personally identifiable student information on a student information system until the
employee has received adequate training to ensure the school employee's understanding
and compliance with the provisions of this section.
new text end

new text begin (b) School employees may not sell, share, or otherwise transfer student data or
personally identifiable student information to another person or entity, except:
new text end

new text begin (1) where specifically authorized to do so pursuant to this section;
new text end

new text begin (2) with the educational institution that employs the school employee;
new text end

new text begin (3) with another school employee who is eligible to access such information
pursuant to paragraph (a); or
new text end

new text begin (4) where:
new text end

new text begin (i) the school employee is a teacher;
new text end

new text begin (ii) the teacher is transferring student data to a software application for classroom
record keeping or management purposes only;
new text end

new text begin (iii) any third parties with access to the software application are expressly prohibited
from reviewing or interacting with the transferred data; and
new text end

new text begin (iv) any data transferred to the software application by the teacher is deleted by the
teacher within 45 days of such time as it is no longer being actively used for classroom
record keeping or management purposes.
new text end

new text begin Subd. 4. new text end

new text begin Parent or guardian access to student data. new text end

new text begin (a) A student's parent or
guardian, upon written request to an educational institution, shall be permitted to inspect
and review the child's student data and personally identifiable student information that
is stored on a student information system. Educational institutions shall afford parents
and legal guardians a reasonable and fair opportunity to request corrections to or seek
removal of inaccurate data.
new text end

new text begin (b) The right of a student's parent or guardian to review the child's student data and
personally identifiable student information shall not apply where:
new text end

new text begin (1) such information was supplied by the child to the educational institution; and
new text end

new text begin (2) there is a reasonable likelihood the disclosure of such information would
generate a threat to the student's health or safety.
new text end

new text begin (c) The right of a student's parent or guardian to review their child's student data and
personally identifiable student information shall not apply where access to particularly
specified information has been waived by the student or the student's parent or guardian.
new text end

new text begin (d) When a student reaches the age of majority, the rights granted to a student's
parents and legal guardian pursuant to this subdivision shall terminate and instead shall
vest with the student.
new text end

new text begin (e) An educational institution shall establish appropriate procedures for:
new text end

new text begin (1) reviewing and responding to requests made pursuant to this subdivision within
30 days of its receipt of the request; and
new text end

new text begin (2) requesting and receiving a fair hearing in the event a requested correction
is denied.
new text end

new text begin Subd. 5. new text end

new text begin Requirements for deletion of data in student information systems. new text end

new text begin One
year after a student's graduation, withdrawal, or expulsion from an educational institution,
all student data and personally identifiable student information related to that student that
is stored in a student information system shall be deleted. This provision shall not apply to:
new text end

new text begin (1) a student's name and Social Security number;
new text end

new text begin (2) a student's transcript, graduation record, letters of recommendation, and other
information required by an institution of higher education for an application for admission
or by a potential employer for an application for employment;
new text end

new text begin (3) student data and personally identifiable student information that is the subject of
an ongoing disciplinary, administrative, or judicial action or proceeding;
new text end

new text begin (4) de-identified student data that is being retained at the request of the educational
institution for the purpose of educational research or analysis; and
new text end

new text begin (5) student data or personally identifiable student information where its retention is
otherwise required by law or a judicial order or warrant.
new text end

new text begin Subd. 6. new text end

new text begin Requirements for deletion of physical or digital copies of student
data.
new text end

new text begin Within 180 days of receiving notification, pursuant to subdivision 7, of a student's
graduation, withdrawal, or expulsion from an educational institution, all physical or digital
copies of any student data and personally identifiable student information related to the
student that was obtained from a student information system and is in the possession or
under the control of an SIS provider or other third party shall be deleted or destroyed.
This provision shall not apply to:
new text end

new text begin (1) student data and personally identifiable student information that is the subject of
an ongoing disciplinary, administrative, or judicial action or proceeding;
new text end

new text begin (2) aggregated or de-identified student data obtained for the purpose of education
research;
new text end

new text begin (3) student data or personally identifiable student information where its retention is
otherwise required by law or a judicial order or warrant; and
new text end

new text begin (4) specifically identified student data or personally identifiable student information,
where:
new text end

new text begin (i) its retention is requested by the person authorized to sign a valid opt-in agreement
pursuant to subdivision 2, paragraph (b); and
new text end

new text begin (ii) the SIS provider and educational institution voluntarily consent to its retention.
new text end

new text begin Subd. 7. new text end

new text begin Notice to SIS provider and third parties. new text end

new text begin Within 90 days of a student's
graduation, withdrawal, or expulsion from an educational institution, notice of such
shall be provided by the educational institution to the SIS provider, which shall in turn
notify any third parties with whom the SIS provider shared the student's student data or
personally identifiable student information.
new text end

new text begin Subd. 8. new text end

new text begin Access under law, judicial warrant, or audit. new text end

new text begin No person or entity, other
than an educational institution, school employee, or SIS provider, other than as provided
for in this section, shall be granted access to review or interact with a student information
system and the data thereon, unless otherwise authorized to do so by law, pursuant to a
judicial warrant, or as part of an audit initiated by an educational institution.
new text end

new text begin Subd. 9. new text end

new text begin Directory information permitted. new text end

new text begin Nothing in this section shall be read
to prohibit an educational institution from providing directory information to a vendor
for the express purpose of providing photography services, class ring services, yearbook
or student publication publishing services, memorabilia services, or similar services,
provided the vendor agrees in writing:
new text end

new text begin (1) not to sell or transfer the data to any other persons or entities;
new text end

new text begin (2) to use the data solely for the express purpose for which it was provided; and
new text end

new text begin (3) to destroy the data upon completion of its use for the express purpose for which
it was provided.
new text end

new text begin Subd. 10. new text end

new text begin Interaction with other law. new text end

new text begin Nothing in this section shall be read to
supersede or otherwise limit any laws that provide enhanced privacy protections to
students or further restrict access to their educational records or personally identifiable
student information.
new text end

Sec. 3.

new text begin [125B.42] LIMITATIONS ON USE.
new text end

new text begin Evidence or information obtained or collected in violation of sections 125B.40
to 125B.44 shall not be admissible in any civil or criminal trial or legal proceeding,
disciplinary action, or administrative hearing.
new text end

Sec. 4.

new text begin [125B.43] PENALTIES.
new text end

new text begin (a) Any person or entity who violates sections 125B.40 to 125B.44 shall be subject
to legal action for damages or equitable relief, to be brought by any other person claiming
a violation of sections 125B.40 to 125B.44 has injured that person or that person's
reputation. A person so injured shall be entitled to actual damages, including mental
pain and suffering endured on account of violation of sections 125B.40 to 125B.44, and
reasonable attorney fees and other costs of litigation.
new text end

new text begin (b) Any school employee who violates sections 125B.40 to 125B.44, or any
implementing rule or regulation, may be subject to disciplinary proceedings and
punishment. For school employees who are represented under the terms of a collective
bargaining agreement, sections 125B.40 to 125B.44 prevail except where they
conflict with the collective bargaining agreement, any memorandum of agreement or
understanding signed pursuant to the collective bargaining agreement, or any recognized
and established practice relative to the members of the bargaining unit.
new text end

Sec. 5.

new text begin [125B.44] SEVERABILITY.
new text end

new text begin The provisions in sections 125B.40 to 125B.44 are severable. If any part or
provision of sections 125B.40 to 125B.44, or the application of sections 125B.40 to
125B.44 to any person, entity, or circumstance, is held invalid, the remainder of sections
125B.40 to 125B.44, including the application of such part or provision to other persons,
entities, or circumstances, shall not be affected by such holding and shall continue to
have force and effect.
new text end

Sec. 6. new text begin EFFECTIVE DATE.
new text end

new text begin Sections 1 to 5 are effective January 1, 2017.
new text end