You are here

2016 Colorado Data Privacy Law Resources


Per the Student Data Transparency and Security Act (PDF), CDE is required to provide Local Education Providers (LEPs) with sample privacy and security policies.  CDE has drafted a suite of privacy and security policies.  The policies include information regarding data breach processes and definitions, data retention and destruction, privacy compliance standards, and other security and privacy best practices. Go here to view and download our sample LEP privacy and security policies.


As CDE works to analyze, interpret, and comply with the new Colorado Data Privacy Law (C.R.S. 22-16-101 et. al. formerly HB16-1423 (PDF)), we will be providing resources to assist the other parties who have obligations under the law in fulfilling those requirements.  Content will be added as it becomes available.

CDE has presented an implementation timeline to the State Board of Education.  This timeline discusses the approximate dates when our requirements from the law will be completed.

General Guidance

Contracts and Agreements

Data Collection Guidance

Transparency Guidance

Third Party Guidance

CDE Compliance Activities

  • Per C.R.S.22-16-105 (2)(a), CDE is required to create a research review process and gain approval from the State Board of Education.  The State Board approved the process on September 14, 2016.  View the process presentation.


If you have questions, contact the Data Privacy Office at