3 Tips to Keep Parents Assured that Student Data Is Protected
From assessing the functionality of tech to intervening before students fail classes, K–12 schools are making great use of data analytics. But with great power comes great responsibility. As K–12 schools collect and use more data, they also must ensure that students’ personally identifiable information (PII) is being kept private.
“The IT staff used to be able to police information security, making sure technologies were in place to protect the network infrastructure and enforcing access and password policies,” Bristol Warren Regional School District Technology Director Rose Muller tells EdTech. “But as we implement more educational technology and services that gather sensitive data, we have to make sure that everybody in our community is aware of security issues for themselves and our children.”
While there are laws that schools need to comply with, the large number of vendors and tools that they use might make it trickier to track data.
No one is more concerned about the security of student data than parents. The Parent Coalition for Student Privacy had this in mind when it created its Parent Toolkit for Student Privacy, a guideline parents and school administrators alike can reference.
We’ve pulled together key takeaways that stakeholders must keep in mind when it comes to student data.
SIGN UP: Get more news from the EdTech newsletter in your inbox every two weeks!
1. Understand Parental Rights Under FERPA
Among the laws that schools must comply with, the Family Education Rights and Privacy Act gives parents discretion over the types of data about their children that can be used.
The toolkit indicates that, under FERPA regulations, parents must be informed of the officials and third parties that schools may disclose PII to without parental consent. However, PII can’t just be shared indiscriminately in the school setting.
“Instead, disclosure should be limited to those teachers and other school employees directly responsible for the student’s education or services, who ‘need to know’ students’ information in order to be able to fulfill their professional responsibilities,” reports the toolkit.
Under FERPA, school districts must also annually remind parents of these rights.
2. Provide Proper Education on Digital Citizenship
Both schools and ed tech companies are emphasizing the importance of digital citizenship across the board. Google even developed an entire online game to teach the tenets of being a good citizen online.
In addition to meeting federal regulations regarding student information, schools have found success offering the school community digital citizenship lessons on what not to share online.
“Education is the best defense because that’s what can lead to everyone being diligent,” Craig Bates, the coordinator of instructional technology for Talladega County, Ala., tells EdTech.
Teachers can set an example to educate students on the consequences of their actions online, but the Parent Coalition for Student Privacy says that parents demonstrating good digital citizenship can be the most helpful for students.
“Before posting intimate photos or details about your children’s life on social media, consider the long-term implications of sharing this information so widely,” reads the toolkit. “Talking to your children about what’s appropriate for you to post is also a great way to jump-start important conversations about their own social media behavior.”
3. Commit to Data Governance in Vendor Partnerships
As more tools emerge to help schools analyze educational data and provide innovative learning experiences, schools need to assure families and educators that they are properly evaluating the tools before entering into an agreement.
The toolkit recommends that schools commit to a written agreement with the third parties using this information that they will protect it. Schools can also use online tools like the Student Privacy Pledge and Common Sense Media’s Privacy Evaluations to check up on the reputation of a vendor.
ISTE’s Jim Flanagan tells EdTech that before schools enter into any contracts with vendors, they should ask the following questions:
- What data are they capturing?
- Why are they capturing it?
- Where are they housing it?
- How do they recommend that schools house the data?