Student Data Privacy Is about More Than Just Passwords

By Laura Hicks on 06/22/2016 • ( 0 )

Through a collaboration between AASL and NASBE, I attended the Student Privacy Training Bootcamp sponsored by the National Association of State Boards of Education (NASBE) on Friday, June 10, at the Google headquarters in Washington, DC. I have to say I learned more than I thought I would. I figured I had a good grasp on student data privacy—keep confidential lists confidential and don’t use an online tool that requires students to create an account without making sure it is on the “approved” list. What I learned was student data is a much broader term than that.

When we talk about student data privacy we usually think about all that confidential information on lists we receive throughout the school year—allergies, free and reduced lunch enrollees, those receiving special education services and discipline logs. What we have to remember is that student data includes any personally identifiable information (PII) that pertains to students, including anything created online during the course of instruction. You know that cool Padlet wall you created where students shared their thoughts about a photo from the American Memory Collection? Student data. What about the Google Slides presentation they created to show their learning during the endangered species of America unit? Student data as well. When we start thinking about the bigger picture we realize that there is the potential for a multitude of loopholes in our daily teaching where student data could leak out to the public. We are all familiar with the data breaches occurring in companies like Target and Sony Pictures, but student data leaking out to the public is also a data breach and has a similar potential for litigious results. Ninety-five percent of data breach attempts are a result of human error. This includes everything from sharing a list on a webpage that you thought was secure to using an online tool that sells user information.

So what can we do to ensure student data privacy? Well that depends on your role in school. Administrators need to know how to create a culture of privacy, ensure transparency, and provide oversight to the process. Teachers need to know what the district policy is for use of online resources, whether there is a list of approved resources and what the dangers/repercussions are of a data breach. Regardless of your position in your district everyone needs to know basic Internet information about privacy policies, basic information about privacy laws (COPPA, FERPA, and PPRA), and how to safely use online applications.

The discourse during this training was invaluable. Our group included administrators, central office specialists, and school-based professionals. I would have to say that as stimulating as the collaboration was, the resources we walked away with were the gold at the end of the rainbow.

Here are just a few:

Agencies to Tap for Further Information:

Privacy Technical Assistance Center (PTAC) of the US Department of Education (http://ptac.ed.gov/)—arguably the best place for information about student privacy, legislative updates, and resources. What I came away with from this is if you have a question about student privacy, they are more than happy to answer an e-mail from anyone!

NASBE Education Privacy Resources (http://www.nasbe.org/project/education-data-privacy/)—resources to create or strengthen policies through publications, webinars, or collaborative sessions.

The Data Quality Campaign (DQC) Resources (http://dataqualitycampaign.org/resources/)—a searchable collection of informational and actionable resources, including fantastic infographics, fact sheets, and more.

Digital Literacy Resource Platform (DLRP) from the Berkman Center for Internet and Society at Harvard University (http://dlrp.berkman.harvard.edu/)—a searchable collection of curated resources for teachers, students, parents, and administrators.

Exemplars of District Privacy Presentations:

Arizona DOE – Protecting the Privacy and Security of Records (http://www.azed.gov/leadingchange/files/2015/06/6-23-15-maintaining-the-privacy-and-security-of-records-and-public-schools.pdf)

Denver Public Schools – Student Data Privacy (https://academictechnologymenu.dpsk12.org/studentdataprivacy.aspx)

ExcelinEd – Student Data Privacy Communications Toolkit (http://www.excelined.org/wp-content/uploads/Student-Data-Privacy-Comms-Toolkit.pdf)

Wisconsin Information System for Education – Overview to Student Data Privacy in WI (http://dpi.wi.gov/sites/default/files/imce/wisedash/ppt/Overview%20to%20Student%20Data%20Privacy.pptx.pdf)