Data Privacy and Security Services Support

Supporting District Response to Data Privacy

The RIC One Data Privacy and Security Service is a statewide initiative.  All twelve RICs are working together to provide districts with resources in support of Ed Law 2d Part 121 Regulations. The LHRIC is here to support your needs. We will continue to keep you up to date with information regarding NYSED deadlines and help your newly appointed Data Protection Officer fulfill the districts requirements. Resources can be found on the RIC One DPSS website.

Keep in mind, the need to protect not only the health of your students and staff but their data as well.  Be wary of "free" software offers.  Be sure to utilize Ed Law 2-d compliant tools for remote learning and video conferencing. Not sure if software is compliant with Ed Law 2-d? Use this link for the list of LHRIC supported Ed Law 2-d compliant software.

Any questions... feel free to reach out to Bill Kovari at

Data Protection Officer Resources

RIC One DPSS Website

LHRIC/SWBOCES Supplemental Contract Information

SWBOCES Library Services Contracts

First 48 Hours of a Cybersecurity Incident.pdf 

DPO Responsibilities SLIDE DECK.pdf  

DPO Data Security Planning Guide 


The supplemental information for LHRIC/SWBOCES contracted software is available using the link above.  A variety of contracting consortiums and buying channels are used to ensure Ed Law 2-d Part 121 Regulation compliance.  If you have any questions about the laws and regulation contact Bill Kovari (  For questions regarding software through Student / Financial Services, contact Jay Dave (  For Instructional Software contracts, contact Mary Lynn Collins-Callanan (


What to do in the first 48 hours of a Cyber attack can make a big difference in the impact of the attack.  The link below will provide districts with steps to follow in the event of a Cyber attack on your systems.  

 Threat Landscape.pdf 

DPO Mentoring Service

CoSer 611

Working side by side with district data privacy teams, the LHRIC will provide mentoring and guidance to help districts develop internal capacity to meet the requirements of Ed Law 2-d and the Regulations.

Participation in RIC One DPSS is required.

DPO Support Service

CoSer 611 

The goal is to provide assistance with the requirements of Ed Law 2-d and the Regulations based on district needs. A school district administrator retains the official title and authority of the DPO with the LHRIC performing routine functions and support.

Participation in RIC One DPSS is required. Availability is limited.

Digital Digest & Blasts

Digital Digests - Quarterly newsletters on the topic of data privacy and security with current information, effective strategies, best practices, and leadership resources.

Digital Blasts – Timely information as it occurs to keep districts informed of the latest developments in the field.

DPO Download


No one goes at it alone, K–12 organizations need to work collectively to address growing cybersecurity challenges. The DPO Download provides NYS School District Data Protection Officers with insightful interviews, threat landscape updates, and peer spotlights so they don’t have to go at it alone.

Listen to the latest DPO Download >

Software Inventory Tool

This tool enables districts to compile a list of their software inventory as well as links to third-party vendor’s software Privacy Policies and Notices thus enabling districts to comply with provisions of the New York State’s Parents’ Bill of Rights. Over 800 products are currently included in the database, and districts may submit requests for additional products.

Districts still retain responsibility to review vendor contracts. 

Professional Development

Web-based data privacy and security awareness training that follows a structured outline, including a formal assessment and printable certificate of completion.

Additional materials for instructor-led professional development are also available.