While President Obama has taken steps to create stronger federal protections for students’ online privacy with the Student Digital Privacy Act, some schools and districts are looking for ways to get out in front of the issue. At the same time, parents and guardians are seeking outlets to address their own concerns about how schools are using their students’ personal information. Here are some ways that parents as well as schools and districts can ensure they’re taking the right precautions to protect student data.
What can schools and districts do?
- Be transparent with parents about your student data policies. Take the initiative to provide parents with the right information and to get parental consent whenever appropriate or necessary.
- Foster awareness of all laws concerning student data and student privacy. This includes ensuring that you’re in compliance with all federal laws governing student information, such as the Family Educational Rights and Privacy Act (FERPA) , the Protection of Pupil Rights Amendment (PPRA), and the Children’s Online Privacy and Protection Act (COPPA) , from administrative levels all the way down to individual classrooms.
- Create a set of policies to govern how educational services are selected and approved for use in your school.
- When working with third party providers, ensure their adherence to all federal, state, and local regulations regarding student data (i.e. FERPA, PPRA, COPPA, etc.). Be aware of what data they will be collecting and how it will be used.
- Do not retain student data for longer than necessary. Follow all legal requirements for data retention, and dispose of student information responsibly when it is no longer needed.
- Create a set of policies governing what software services individual teachers can use and implement in the classroom. Ensure teachers are trained on how to handle student data in a secure manner.
- Maintain a secure computing environment in your districts and school classrooms. Make sure servers, workstations, and mobile devices are regularly patched and have up-to-date anti-virus and anti-malware protection. Educate students, faculty, and administrators on basic privacy and security principles and how to avoid social engineering and other attacks.
What can parents and guardians do?
- Be aware of current laws governing student privacy (FERPA, PPRA, COPPA, etc.) and understand your rights as a parent.
- Inquire into the student data policies and practices of your child’s school or district. Ask about what information is being collected, how it’s being used, whether it’s being shared with any third parties, how long the information is retained, and what is being done to keep the information secure.
- Pay attention to what educational services and third party providers are being used by your child’s school, and if necessary, inquire into their student data policies and practices.
- You may be able to opt out of any data collection practices you’re not comfortable with. Speak with your school or district about their processes for opting out of certain types of student data collection.
- Be an active member of your parent teacher association. This will often give you the opportunity to have an inside look at the planning process for bringing in outside vendors as well as give you a forum for voicing concerns about student data and privacy.
- Keep up-to-date anti-virus and anti-malware software on your personal computers and educate yourself and your children about ways to keep personal information safe on personal devices.
This work first appeared on Edgenuity’s blog, Where Learning Clicks, on Feb. 18, 2015.