How K-12 Schools Can Balance Privacy and Security Protocols
Posted on June 11, 2019 by WSIPC News
How K–12 Schools Can Balance Privacy and Security Protocols
Evolving classroom technology integrations require educators to be more mindful about how new tools affect student privacy.
As technology becomes more ubiquitous, schools must balance student access with student privacy laws.
There is a vast array of platforms available to schools and educators, which can make it difficult to stay abreast of protocols for disclosing personal information, especially when using third-party applications.
To offer some insight, the National Cyber Security Alliance offers guidance on using technology that adheres to the requirements of the Family Educational Rights and Privacy Act.
Educators Should Take Responsibility for Student Data Privacy
As education transitions into the digital space, private student data is now being collected in student information systems, learning management systems and other educational applications.
Teachers often use this data to enhance their instruction and target student needs, but they also need to protect their students.
It is crucial that educators understand the ways student data is collected and secured on all technological platforms so that they do not violate legal or ethical guidelines.
There are education technology curricula available that promote privacy procedures and educate students about online safety. Common Sense Education, for example, offers tips and tools to engage students in smart digital citizenship practices.
The First Step Is to Understand Student Data
Student records were originally regarded as personal information held by the educational institution under the protection of FERPA. However, many states have extended regulations to cover all information collected from modern technology applications.
This means schools must have a secure infrastructure that can prevent cyberthreats and protect student information stored in their digital systems.
Schools may consider investing in effective security measures such as next-generation endpoint security or hyperconverged infrastructure.
Evaluate Technology Tools for Effective Data Privacy
When considering implementing a new tech tool, schools should first look to see if they already have a list of approved applications in place.
Approved applications and websites do not keep ownership of the data and have appropriate privacy protections. Schools “must ensure that it retains direct control over the information the company collects, uses, and maintains,” according to the Future of Privacy Forum’s report, “The Educator’s Guide to Student Data Privacy.” “Schools are responsible for seeing that companies working with the school directly only use student information for authorized educational purposes.”
Microsoft for Education and Google for Education have already complied with these regulations and are widely used across U.S. schools.
For schools looking to adopt a new technology tool, it is essential to evaluate how a new solution protects your students’ information. For instance, does an app collect personally identifiable information, such as the child’s name or age? Does the app share or sell information to any other third party? If so, it should not be used.
Most importantly, does the app allow parents to access student data? It must do so in order to be in compliance with FERPA.
All of these considerations determine whether the educational tool enhances learning while protecting students. Common Sense Education can help schools evaluate the privacy policies of their external applications and see how those policies align with regulations.
Technology is constantly evolving in the education sphere. Schools must be quick to adapt to policy changes, do the research and use their best judgment to ensure that any new technology protects students.
Originally posted on edtechmagazine.com
Your Data is Safe with WSIPC
WSIPC takes the following measures to protect the privacy of your data:
- Data Ownership – WSIPC complies with state and federal laws and guidelines, including FERPA and HB-1741, in the handling and disclosing of personally identifiable information. We require district approval before we share your data, and we contractually require the same approval for any vendor or organization we work with.
- Data Security – Security assessments are conducted on WSIPC systems annually, by independent companies. The results of the assessments are used to ensure that our system security is continually updated to meet the ever-growing threat of cyber security attacks.
- Security Awareness – WSIPC participates with the following resources, among others, to stay informed and engaged:
- Student Data Privacy Consortium (SDPC) – a national alliance of states, districts, vendors and policy makers. WSIPC has been part of this organization since its inception.
- National Center for Educational Statistics – a multi-state forum operated by the US Department of Education.
- Future of Privacy Forum (FPF) – a nonprofit organization that serves as a catalyst for advancing principled data practices and fostering privacy leadership and scholarship.
Student data privacy is a top concern for WSIPC, and we will continue to do our utmost to ensure that your data is protected.
To learn about WSIPC’s security policies and practices, see our Data Privacy page on our website, or contact us at email@example.com or 425.349.6600.
WSIPC is a non-profit cooperative that provides technology solutions (including Skyward), services, and support to K-12 schools. WSIPC’s purpose is to help schools do more with every dollar and to empower them with the tools to work smarter. To learn how your district can become a part of the WSIPC Cooperative, contact us at firstname.lastname@example.org or 425.349.6600.
Inspired by education. Empowered by technology.TM