According to the U.S. Department of Education, hundreds of educational data breaches happen every single year. In the first nine months of this year, at least 10 school districts had been the victims of ransomware attacks. This combined with last year’s “techlash,” which ushered in a new public suspicion around technology, it’s become increasingly complex for school districts to keep students safe online while respecting their privacy.
Yet as schools adopt more and more technology for student use, it is essential that they find the right balance. Students must be protected from issues like cyberbullying, and their data needs to be protected too.
Here’s how school districts can ensure student privacy while keeping students safe and continuing to encourage the use of technology as an educational tool.
Teachers, parents, school administrators and network admins are all becoming increasingly aware of how vulnerable students are to bullying, mental health problems, and even self-harm, and how technology can contribute to these issues. Content filtering and digital literacy education are two of the ways schools are working on combating those vulnerabilities.
Leveraging technology to keep students safe online comes with its own vulnerabilities, though. As EdTech describes, a student’s personal data is valuable because it can be used for identity theft--and the pristine credit record of a young person is a particularly attractive target for fraud. And while adults may be mindful of their digital footprint and recognize the need to protect certain information, children and teenagers may not be.
While digital literacy skills certainly can help students stay safe and protect their privacy online, schools must take other measures, too. The Family Educational Rights and Privacy Act (FERPA) requires schools to protect data to keep students safe from identity theft, fraud, and extortion. Additionally, the Children’s Online Privacy Protection Act (COPPA) regulates the use of personal information of children under the age of 13 collected by commercial websites, online services, and mobile apps, and applies to educational technologies.
School districts need to be as conscious of student privacy as they are of student safety. The following steps can help your district protect its student data and ensure parents, students, teachers, and administrators feel confident about both student safety and privacy.
Choose a privacy official.
A senior administrator should be responsible for ensuring compliance with privacy laws and maintaining the district’s privacy policies. This person should work with legal counsel to understand the laws, keeping in mind that privacy legislation varies by state, and update privacy policies to comply with legislation as it changes.
Work with teachers and parents to develop privacy policies.
Are teachers or parents allowed to take photos of children in class? Are they allowed to publish these photos on social media networks? Under what conditions and with whose consent? Photos are just one example of an area where collection, use, and sharing of student data and information must be agreed upon by teachers, parents, and even students. When privacy policies have been agreed upon, get written agreements from the teachers’ union and from parents to ensure these policies are followed.
Ensure technology and services comply with district privacy policies.
At a bare minimum, technology used in the classroom must comply with FERPA and COPPA. Add standard language related to privacy and security to your contracts for products and services so that technology and any other products and services used also comply with your district’s privacy policies.
Prioritize security from the ground up.
Secure your school district’s devices, its computer networks, and its data center. Provide privacy and cybersecurity training to your employees--make sure no teacher at any of your schools will fall prey to a phishing scam. Institute strong password policies. Hire third-party firms to run regular security audits.
Create an end-of-life plan.
When students graduate or leave school, what will happen to their data? Create archiving and deletion plans so data doesn’t live forever. Create procedures to allow students to take their data with them if they so choose.
Student privacy is a complex topic, and it’s one that is being given increased attention by parents and by privacy watchdogs. (See for instance the State Student Privacy Report Card, released in January of this year.) School districts need to consider how to best balance security and privacy in their schools.
Get in touch with Linewize to learn more about how we’re keeping students safe online while protecting their privacy.
At the start of the 21st century, when the calendar flipped from ’99 to ’00, just over half of all American adults used the internet. ...