§ 116E‑5.  North Carolina Longitudinal Data System.

(a) There is created the North Carolina Longitudinal Data System. The System shall be located administratively within the Department of Public Instruction but shall exercise its powers and duties independently of the Department of Public Instruction and the State Board of Education.

(b) The System shall allow users to do the following:

(1) Effectively organize, manage, disaggregate, and analyze individual student and workforce data.

(2) Examine student progress and outcomes over time, including preparation for postsecondary education and the workforce.

(c) The System shall be considered an authorized representative of the Department of Public Instruction, The University of North Carolina, and the North Carolina System of Community Colleges under applicable federal and State statutes for purposes of accessing and compiling student record data for research purposes.

(d) The System shall perform the following functions and duties:

(1) Serve as a data broker for the System, including data maintained by the following:

a. The Department of Public Instruction.

b. Local boards of education, local school administrative units, and charter schools.

c. The University of North Carolina and its constituent institutions.

d. The Community Colleges System Office and local community colleges.

e. The North Carolina Independent College and Universities, Inc., and private colleges or universities.

f. Nonpublic schools serving elementary and secondary students.

g. The Department of Commerce, Division of Employment Security.

h. The Department of Revenue.

i. The Department of Health and Human Services.

j. The Department of Labor.

(2) Ensure routine and ongoing compliance with FERPA, the Internal Revenue Code, and other relevant privacy laws and policies, including the following:

a. The required use of de‑identified data in data research and reporting.

b. The required disposition of information that is no longer needed.

c. Providing data security, including the capacity for audit trails.

d. Providing for performance of regular audits for compliance with data privacy and security standards.

e. Implementing guidelines and policies that prevent the reporting of other potentially identifying data.

(3) Facilitate information and data requests for State and federal education reporting with existing State agencies as appropriate.

(4) Facilitate approved public information requests.

(5) Develop a process for obtaining information and data requested by the General Assembly and Governor of current de‑identified data and research.

(e) Use of data accessible through the System shall be regulated in the following ways:

(1) Direct access to data shall be restricted to authorized staff of the System.

(2) Only de‑identified data shall be used in the analysis, research, and reporting conducted by the System.

(3) The System shall only use aggregate data in the release of data in reports and in response to data requests.

(4) Data that may be identifiable based on the size or uniqueness of the population under consideration shall not be reported in any form by the System.

(5) The System shall not release information that may not be disclosed under FERPA, the Internal Revenue Code, and other relevant privacy laws and policies.

(6) Individual or personally identifiable data accessed through the System shall not be a public record under G.S. 132‑1.

(f) The System may receive funding from the following sources:

(1) State appropriations.

(2) Grants or other assistance from local school administrative units, community colleges, constituent institutions of The University of North Carolina, or private colleges and universities.

(3) Federal grants.

(4) Any other grants or contributions from public or private entities received by the System. (2012‑133, s. 1(a).)