How K–12 Schools Can Balance Privacy and Security Protocols
As technology becomes more ubiquitous, schools must balance student access with student privacy laws.
There is a vast array of platforms available to schools and educators, which can make it difficult to stay abreast of protocols for disclosing personal information, especially when using third-party applications.
To offer some insight, the National Cyber Security Alliance offers guidance on using technology that adheres to the requirements of the Family Educational Rights and Privacy Act.
MORE FROM EDTECH: Check out how data privacy concerns are expanding with education technology use.
Educators Should Take Responsibility for Student Data Privacy
As education transitions into the digital space, private student data is now being collected in student information systems, learning management systems and other educational applications.
Teachers often use this data to enhance their instruction and target student needs, but they also need to protect their students.
It is crucial that educators understand the ways student data is collected and secured on all technological platforms so that they do not violate legal or ethical guidelines.
There are education technology curricula available that promote privacy procedures and educate students about online safety. Common Sense Education, for example, offers tips and tools to engage students in smart digital citizenship practices.
The First Step Is to Understand Student Data
Student records were originally regarded as personal information held by the educational institution under the protection of FERPA. However, many states have extended regulations to cover all information collected from modern technology applications.
This means schools must have a secure infrastructure that can prevent cyberthreats and protect student information stored in their digital systems.
Schools may consider investing in effective security measures such as next-generation endpoint security or hyperconverged infrastructure.
MORE FROM EDTECH: Hyperconvergence has arrived in mainstream K–12 data centers.
Evaluate Technology Tools for Effective Data Privacy
When considering implementing a new tech tool, schools should first look to see if they already have a list of approved applications in place.
Approved applications and websites do not keep ownership of the data and have appropriate privacy protections. Schools “must ensure that it retains direct control over the information the company collects, uses, and maintains,” according to the Future of Privacy Forum’s report, “The Educator’s Guide to Student Data Privacy.” “Schools are responsible for seeing that companies working with the school directly only use student information for authorized educational purposes.”
Microsoft for Education and Google for Education have already complied with these regulations and are widely used across U.S. schools.
For schools looking to adopt a new technology tool, it is essential to evaluate how a new solution protects your students’ information. For instance, does an app collect personally identifiable information, such as the child’s name or age? Does the app share or sell information to any other third party? If so, it should not be used.
Most importantly, does the app allow parents to access student data? It must do so in order to be in compliance with FERPA.
All of these considerations determine whether the educational tool enhances learning while protecting students. Common Sense Education can help schools evaluate the privacy policies of their external applications and see how those policies align with regulations.
Technology is constantly evolving in the education sphere. Schools must be quick to adapt to policy changes, do the research and use their best judgment to ensure that any new technology protects students.