With so many students learning remotely as a result of the COVID-19 pandemic, there has never been a more critical time for districts to focus on student data privacy. Not only are students spending more time on their devices and online learning systems than ever before, but schools are increasingly becoming the victims of ransomware attacks.
As districts face the challenge of keeping students, parents, faculty, and staff connected during the pandemic, it’s crucial to protect each user’s private information by implementing data privacy measures that secure all critical data, protecting students, educators, and families. Student records and personally identifiable information are especially important to protect, as federal and state laws regulate the collection, use, sharing, and handling of this data.
In an effort to protect private and personally identifiable information, here are three keys to securing student data privacy:
- Create a vetting process for all new educational apps and tools.
To ensure data is handled safely in educational apps and tools, it’s important to vet new products and sites before giving students access to them. Every new product or tool that requests any student information should be evaluated for data security. In this vetting process, school leaders should identify which data a tool will request from each student and determine what the tool’s privacy options are. Many EdTech apps and tools provide in-depth student privacy notices that address the collection, usage, and retention of students’ personal information. It is especially important for districts and schools to evaluate the data security of tools that all students, teachers, and staff will use, such as learning management systems, online grade books, and communication tools.
- Familiarize yourself with relevant federal and state laws regarding student data.
Student data privacy is critical for student safety, and as such, there are several legal and ethical limitations on students’ personally identifiable information. Federal and state laws regulate the privacy of this information, making this an important responsibility for teachers, administrators, and IT staff to consider when choosing and vetting apps and tools for their schools. On a federal level, some of the main laws surrounding student privacy include the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), and the Children’s Online Privacy Protection Act (COPPA). These laws restrict access to student information and control what information can legally be collected from children online.
- Identify and map all of the places where student data is collected or used.
While it’s certainly helpful to know the foundations of student privacy—including laws and regulations and the vetting process for new technology—it’s also important to regularly audit student data, even in apps and tools that have been used in your school or district consistently and long-term. State laws are constantly evolving to refine the ways student data is protected, and the privacy terms of your school’s commonly used EdTech apps and tools change periodically as well. This makes it critical to regularly audit student data privacy by doing an inventory of data and mapping all of the processes that collect or use student information. Through this evaluation, school leaders are able to share transparent privacy information with parents and students, guide teachers and staff with best practices for data privacy, identify security weaknesses, stop the collection of any unnecessary data, and more.
Securing student data privacy is an important part of protecting students online and ensuring student safety. While using EdTech apps and tools will always have inherent data privacy risks, approaching the use of these tools with these three keys in mind will help avoid student data leaks, ransomware attacks, and other incidents concerning students’ private information.
Gaggle has renewed its commitment to protecting student privacy by signing Pledge 2020, a new Student Privacy Pledge from the Future of Privacy Forum and the Software & Information Industry Association. Originally launched in 2016, the pledge has been updated to better reflect the latest data privacy best practices. Signatories of the pledge commit to the responsible stewardship and appropriate use of student data, protecting the privacy of students in today’s digital world.