National Data Privacy Agreement

The Student Data Privacy Consortium (SDPC) is proud to announce the release of the first National Data Privacy Agreement (NDPA) to streamline application contracting and set common expectations between schools/districts and marketplace providers.

National Data Privacy Clause Set Areas

Purpose of DPA

Student Data to be provided

Parent Access

Third Party Request

Privacy Compliance

Employee Obligation

Disposition of Data

Data Security

Destruction of Data

Employee Training

Security Coordinator

Period Risk Assessment

Privacy Compliance

Reasonable Precautions

Nature of Series Provided

Student Data Property of LEA

Separate Account


Authorized Use


Advertising Prohibition

Passwords and Employee Access

Security Protocols

Security Technology

Sub-processors Bound

Data Breach

Annual Notification of Rights

Unauthorized Access Notification 


The SDPC started with a grand vision that all schools could use the initial Cambridge Schools Data Privacy Agreement (DPA) clause set in use with more than 50 districts.  After a great amount of growth and feedback, schools and states indicated they needed their own state-specific version of the DPA for larger adoption.  Twenty-eight State Alliances and five years later the conversation has come full circle – now 13 states are using a very similar DPA. 

The Alliance leaders determined in 2019 that there was enough commonality between their DPAs that a national DPA Project Team be formed and explore the viability of developing a draft that could be used by any school/district across the US.  Two years later, the Community is proud to release the first version of the NDPA.

The NDPA has been developed with extensive review and comments from schools, districts, state organizations, marketplace providers and their legal representatives.  It is designed to address common student data privacy concerns and streamline the educational application contracting processes for schools/districts who do not have the legal or fiscal resources and vendors who previously had to sign “one off” contracts with each of the over 13,000 US school districts.  While the NPDA allows for any state specific legislative requirements, the majority of the privacy expectations are standardized and can be used by any entity as part of their Terms of Service Agreements.

To find out more and get your needs addressed, please join in the conversations by being part of the Consortium. 

© 2021 Access 4 Learning (A4L) Community.   All Rights Reserved.  This document may only be used by A4L Community members and may not be altered in any substantive manner.

National Data Privacy Agreement

Recorded: August 5, 2020. This briefing provides an overview of the National Data Privacy Agreement (NDPA).