5125 BP Board Policy

Student Records

LAST REVISED: 05/13/2026 · CHECKED: 5/24/2026 · REVISION ID: 5slsh6fbqPykxsj9slshfOY1X3uw==

Official version on Simbli ↗ View JSON ↗

The Governing Board recognizes the importance of keeping accurate, comprehensive student records as required by law. The Superintendent or designee shall establish administrative regulations governing the identification, collection, retention, disclosure, and security of student records. These regulations shall ensure the rights of authorized persons to have timely access to student records while maintaining the confidentiality of student records in accordance with state and federal law. The Superintendent or designee shall designate a certificated employee to serve as custodian of records with responsibility for student records at the district level. At each school, the principal or a certificated employee shall be designated as custodian of records for students enrolled at that school. The custodian of records shall be responsible for implementing Board policy and administrative regulation regarding student records. (5 CCR 431) If student records containing covered information which is not subject to the California Consumer Privacy Act are under the control of the operator of a website, online service or application, or mobile application, and the student's parent/guardian or the student, if 18 years of age or older, requests deletion of such records, the Superintendent or designee shall provide documentation to the operator that the student has not been enrolled in the district for at least 60 days. (Business and Professions Code 22584) All appropriate personnel shall receive training regarding district policies and procedures for gathering and handling sensitive student information, including which information should not be solicited. The district shall not collect or solicit social security numbers or the last four digits of social security numbers of students or their parents/guardians, unless otherwise required to do so by state or federal law. (Education Code 49076.7) The immigration or citizenship status of a student or a student's family member may only be collected and disclosed in accordance with Board Policy/Administrative Regulation 1445 - Response to Immigration Enforcement. Neither the district nor any district employee shall compile a list, registry, or database based on students' national origin, ethnicity, or religious belief, practice, or affiliation, or disclose student information to federal government authorities for the purpose of compiling such a list, registry, or database for purposes of immigration enforcement. This prohibition does not apply to information that is aggregated and is not personally identifiable. (Government Code 8310.3) The Superintendent or designee shall develop protocols to comply with a court's restraining order that prohibits a party from accessing specified records and information pertaining to a student. (Family Code 6323.5) Student Records from Social Media The Superintendent or designee may gather and maintain information from the social media of any district student, provided that the district first notifies students and parents/guardians about the proposed program, offers an opportunity for public comment at a regularly scheduled Board meeting, and gathers only information that directly pertains to school safety or student safety. (Education Code 49073.6) Retention, Disclosure, and Security of Student Records The Superintendent or designee shall ensure the confidentiality of student records as required by law and shall establish processes and procedures to safeguard data against damage, loss, or theft, including damage, loss, or theft which may be caused by the use of technology, including artificial intelligence and breaches to the district's digital infrastructure, in the retention or disclosure of student records. The Superintendent or designee shall ensure that employees receive information and training about cybersecurity, including ways to protect student records from breaches to the district's digital infrastructure. If the district experiences a cyberattack that impacts more than 500 students or personnel, the Superintendent or designee shall report the cyberattack to the California Cybersecurity Integration Center. (Education Code 35266) The Superintendent or designee may enter into a contract with a third party for the digital storage, management, and retrieval of student records and/or to authorize a third party provider of digital software to access, store, and use student records, provided that the contract meets the requirements of Education Code 49073.1 and other applicable state and federal laws.

Legal & Management References

State

5 CCR 16020-16027 - Destruction of records of school districts

5 CCR 430-438 - Individual student records

Bus. and Prof. Code 22580-22582 - Privacy rights for California minors in the digital world

Bus. and Prof. Code 22584-22585 - Student Online Personal Information Protection Act

Bus. and Prof. Code 22586-22587 - Early Learning Personal Information Protection Act

Code of Civil Procedure 1985.3 - Subpoena duces tecum

Ed. Code 17604 - Delegation of powers to agents

Ed. Code 220.3 - Prohibition of requiring employee or contractor to disclose information related to student’s sexual orientation, gender identity, or gender expression

Ed. Code 234.7 - Student protections relating to immigration and citizenship status

Ed. Code 33328.5 - Statewide AI Task Force

Ed. Code 35266 - Reporting of cyberattacks

Ed. Code 48201 - Transfer student's record for acts that resulted in suspension or expulsion

Ed. Code 48853.5 - Foster youth; placement, immunizations

Ed. Code 48902 - Notification of law enforcement of specified violations

Ed. Code 48904-48904.3 - Withholding grades, diplomas, or transcripts

Ed. Code 48918 - Rules governing expulsion procedures

Ed. Code 48980 - Parent/Guardian notifications

Ed. Code 48985 - Notices to parents/guardians in language other than English

Ed. Code 49060-49079 - Student records

Ed. Code 49091.14 - Parent/guardian review of curriculum

Ed. Code 51745 - Independent study

Ed. Code 56041.5 - Rights of students with disabilities

Ed. Code 56050 - Surrogate parents

Ed. Code 56055 - Foster parents

Ed. Code 60900-60901 - California Longitudinal Pupil Achievement Data System

Ed. Code 69432.9 - Cal Grant program; notification of grade point average

Ed. Code 69475 - Conditional repeal of Cal Grant program

Fam. Code 3025 - Access to records by noncustodial parents

Fam. Code 6323.5 - Ex parte orders

Fam. Code 6552 - Caregiver's authorization affidavit

Gov. Code 7920.000-7930.215 - California Public Records Act

H&S Code 120440 - Immunizations; disclosure of information

Pen. Code 245 - Assault with deadly weapon

W&I Code 16010 - Health and education records of a minor

W&I Code 681 - Truancy petitions

W&I Code 701 - Juvenile court law

Federal

15 USC 6501-6506 - Children’s Online Privacy Protection Act

16 CFR Part 312 - Children's Online Privacy Protection Rule

20 USC 1232g - Family Educational Rights and Privacy Act (FERPA) of 1974

20 USC 1232h - Protection of Pupil Rights Amendment

26 USC 152 - Definition of dependent child

34 CFR 300.501 - Opportunity to examine records for parents/guardians of student with disability

34 CFR 99.1-99.8 - Family Educational Rights and Privacy Act

42 USC 11434a - McKinney-Vento Homeless Assistance Act; definitions

Management Resources

CA Office of the Attorney General Publication - Promoting a Safe and Secure Learning Environment for All: Guidance and Model Policies to Assist California's TK-12 Schools in Responding to Requests for Access and Information for Immigration Enforcement Purposes, December 2025

CSBA Publication - Understanding Artificial Intelligence in K-12 Education: What Governance Teams Should Know, September 2023

CSBA Publication - Legal Guidance on Providing All Children Equal Access to Education, Regardless of Immigration Status, February 2017

Federal Register - Final Rule and Analysis of Comments and Changes, Family Educational Rights and Privacy, December 9, 2008, Vol. 73, No. 237, pages 74806-74855

U.S. Department of Education Publication - IDEA and FERPA Crosswalk: A side-by-side comparison of the privacy provisions under Parts B and C of the IDEA and FERPA, August 2022

U.S. Department of Education Publication - School Resource Officers, School Law Enforcement Units, and the Family Educational Rights and Privacy Act (FERPA), February 2019

U.S. Department of Education Publication - An Eligible Student Guide to the Family Educational Rights and Privacy Act (FERPA), March 2023

U.S. Department of Education Publication - A Parent Guide to the Family Educational Rights and Privacy Act (FERPA), July 2021

U.S. Department of Education Publication - Balancing Student Privacy and School Safety: A Guide to the Family Educational Rights and Privacy Act for Elementary and Secondary Schools, Oct 2007

U.S. Department of Education Publication - Joint Guidance on the Application of FERPA and HIPAA to Student Health Records, November 2008

Website - California Department of Education, Resources to Include Immigrant Families

Website - California Department of Education, LEA Immigration Enforcement Policy Submission

Website - California IT in Education, Student Data Privacy

Website - CSBA District and County Office of Education Legal Services

Website - U.S. Department of Education, Protecting Student Privacy

Website - California Office of the Attorney General

Website - California Department of Education

Website - CSBA