DRC ensures that student data remain confidential and secure at all times. Our practices adhere to the federal Family Educational Rights and Privacy Act (FERPA) regulations for the security and confidentiality of student data, and our systems provide data privacy safeguards throughout every step of an assessment process. DRC follows stringent procedures to protect data containing personally identifiable information (PII) and frequently verifies these procedures to confirm adherence. All DRC staff members receive training on data security and confidentiality requirements.

All student data are fully secured before, during, and after testing, including demographic information about the student, the student’s answers to questions, and the scores the student receives. Access to student data is only granted to those DRC employees and school, district, and state personnel who are directly working on data-related tasks associated with the assessments. Only school or district staff who are authorized by the client (i.e., the state agency) are allowed to access student data, and they must sign a confidentiality statement agreeing not to disclose student information to anyone other than an approved state, district, or school official.

The client (state agency) retains ownership of student data at all times. DRC does not share student data with third parties unless approved by the client. Likewise, we do not use student data for any purposes other than those required by the client.