Data Protection Officer Resources

Link to RIC One DPSS Website

Link to LHRIC/SWBOCES Supplemental Contract Information

Response to Malware - First 48 Hours.pdf  

DPO Training Webinar 

DPO Responsibilities SLIDE DECK.pdf  

DPO Workbook.pdf 

Ed Law 2-d Part 121 Regulations:  Data Security and Privacy Policy Overview

NYSED Draft Policy - Highlighted Document

DPIT (Data Privacy and Inventory Tool )Training Webinar


The supplemental information for LHRIC/SWBOCES contracted software is available using the link above.  A variety of contracting consortiums and buying channels are used to ensure Ed Law 2-d Part 121 Regulation compliance.  If you have any questions about the laws and regulation contact Dr. Madalyn Romano (  For questions regarding software through Student / Financial Services, contact Jay Dave (  For Instructional Software contracts, contact Mary Lynn Collins-Callanan (


What to do in the first 48 hours of a Cyber attack can make a big difference in the impact of the attack.  The link below will provide districts with steps to follow in the event of a Cyber attack on your systems.  

 Threat Landscape.pdf 

Additional Resources - Dealing with COVID-19

Online Conferencing Guidance

In the wake of the COVID-19 crisis, school districts have leveraged online conferencing platforms to stay connected.  Officials are raising concerns about security due to several reports of uninvited visitors crashing meetings. While educators continue the transition to digital learning, this site is a live document designed to assist school districts with best practices for providing secure online conferencing.

FERPA and Virtual Learning

Video Conferencing Tools in the Age of Remote Learning:  Privacy Considerations for New Technologies

DPO Mentoring Service

CoSer 611

Working side by side with district data privacy teams, the LHRIC will provide mentoring and guidance to help districts develop internal capacity to meet the requirements of Ed Law 2-d and the Regulations.

Participation in RIC One DPSS is required.

DPO Support Service

CoSer 611 

The goal is to provide assistance with the requirements of Ed Law 2-d and the Regulations based on district needs. A school district administrator retains the official title and authority of the DPO with the LHRIC performing routine functions and support.

Participation in RIC One DPSS is required. Availability is limited.

Digital Digest & Blasts

Digital Digests - Quarterly newsletters on the topic of data privacy and security with current information, effective strategies, best practices, and leadership resources.

Digital Blasts – Timely information as it occurs to keep districts informed of the latest developments in the field.

Tools & Resources icon

Digital Debrief

D3—Digital Digest Debrief – Deep dive webinar on a featured topic from the Digital Digest.

Periodic webinars and interviews with industry leaders on topics related to data privacy and security. 



Interview with Linnette Attai, Founder of Playwell LLC.


Software Inventory Tool

This tool enables districts to compile a list of their software inventory as well as links to third-party vendor’s software Privacy Policies and Notices thus enabling districts to comply with provisions of the New York State’s Parents’ Bill of Rights. Over 800 products are currently included in the database, and districts may submit requests for additional products.

Districts still retain responsibility to review vendor contracts. 

Professional Development

Web-based data privacy and security awareness training that follows a structured outline, including a formal assessment and printable certificate of completion.

Additional materials for instructor-led professional development are also available.