changed the way we teach, it has changed the way we communicate and it will
continue to change the way we learn and grow.
But so has privacy.
No longer can we assume
our children’s data is protected. We have to actually work to protect it.
student data requires committing time, energy and resources towards the effort.
It is an on-going and ever-evolving process that when applied correctly, provides real
remain vigilant in ensuring data privacy is protected, one app and website at a
time. The sooner we acknowledge this, and act accordingly, the better off we
The Digitalization of Education
The amount of
online learning technologies available to students today is utterly astounding.
Just look at iTunes, and you will see that they have literally tens of thousands
of educational apps and websites available for immediate download.
Many of these technologies
have true potential to make a difference and improve student outcomes. While others,
if left unchecked, can pose real-life threats to students and schools.
It is now the
responsibility of school and district leaders to determine which apps and
websites are appropriate and safe for use in the classroom. But many are
finding this to be quite a difficult task.
School and district
leaders are adopting new learning technologies at breakneck speeds, and as a
result, many are coming to the realization that not all apps and websites are
are laws in place to help govern this process. However, the lack of
accountability and enforcement is problematic. This kink in the system leaves
many doors open to misuse and abuse, exposing students and schools to unnecessary
This is a hard
truth. And it needs to change.
Protecting student privacy is an on-going
and ever-evolving process that demands time, attention and resources.
In order to protect
student data, school leaders must proactively commit to protecting it.
It means reading
through endless privacy policies, conducting privacy assessments for each and every
online technology used in the classroom, and continuously monitoring those
policies for changes.
It requires patience,
and persistence, and time.
While this is
becoming the new norm for educators and administrators, it is also a responsibility
that many school and district leaders are struggling to get a handle on. Many
are at a loss of where to even begin.
Protecting student privacy begins with knowledge
data starts with knowing what technologies are being used by students, understanding
how each of the technologies are using the data, and acknowledging that you
have control over which technologies make it into the hands of students.
No longer are we
living in a time that it’s okay to blindly introduce new learning technologies into
the classroom without first determining if they are safe to use. This means
ensuring the data is secure and private for the life of its existence. So
before an app or website should be approved, it needs to be thoroughly
technologies takes a considerable amount of time and energy. However, when done
correctly, assessments provide a wealth of knowledge and understanding about
how the technology is being used.
Knowledge is power.
The more you get behind the data and understand what its intended use is, the
better off you will be.
Protecting student privacy involves knowing what is going on with the data.
data starts with understanding the process, knowing what is expected of you,
and asking the right questions. It also involves deciphering the data.
technologies typically begins with researching new apps and websites,
determining their value, negotiating a deal, and ultimately signing a contract;
creating a mutual legal agreement between buyer and seller laying out, in very
specific terms, what is expected from both parties in black and white.
clearly define what is appropriate, and what is not when it comes to handling
student information. And they include sound provisions to ensure student data
Privacy policies typically
tell a story about the data. They contain nuggets of information that, when
properly extracted and pieced together, reveal what is really going on with the
data; how it is being used, by whom, for what purposes and for how long.
But getting to that
information, making sense of it, and knowing how to keep track of it, is often far
easier said than done.
technologies and reading through endless privacy policies is the kind of work that
takes time, requires dedication and demands on-going attention. But when applied correctly,
privacy assessments provide answers that help define what is really going on
with the data.
Not sure of where to
Start by taking
stock of the learning technologies being used in your school, or district
today. Determine which technologies are safe for use and which ones are not. Eliminate
those that are risky or no longer needed. Monitor and repeat.
a technology audit.
any technologies that are no longer in use, and eliminate any apps and website that
might potentially pose threat or harm to students.
privacy policies for changes.
Protecting student data privacy starts with asking the right
When conducting privacy
assessments, it is important to consider the following criteria: data privacy,
data deletion, data security, data integrity, and data retention.
It also helps to ask the right questions.
Below, I have briefly outlined the 5 criteria that make up a privacy assessment. I have also included some great questions to
ask when assessing online technologies for your school or district.
(While it's worth noting that these questions only represent a small sample of what really needs to be asked, they provide general guidance as to what you should be looking for.)
5 great questions to ask when assessing online technologies in school:
Privacy: The ability to keep track of data and understand what happens to it
during its lifespan.
Ø Example of a Data Privacy Question:
information is collected from students and for what purposes will it be used?”
Deletion: The ability to remove data upon request.
Ø Example of a Data Deletion Question:
parents review &/or delete the personal information collected from their
Security: The ability to protect the data from unwanted or unauthorized users.
of a Data Security Question:
security policies and procedures in place to protect against risk? When student
data is transferred, is it encrypted?”
Integrity: The ability to maintain the accuracy & consistency of data over
its entire life-cycle.
of a Data Integrity Question:
student data backed up on a regular schedule?”
Retention: The ability to understand that the data is only to be used for its
intended educational purposes and should be otherwise disposed of when no
of a Data Retention Question:
the data collected only be retained for as long as it serves an educational
Protecting student privacy begins with
knowing what is expected of you.
Designating someone to
be responsible for reviewing privacy policies, conducting privacy assessments
and monitoring policies for changes will help any school or district get ahead.
In closing, I’ll
leave you with some best practice recommendations for protecting student data
privacy from The US Department of Education:
negotiating technology contracts, it’s important to pay close attention to the
sure the agreement explicitly describes how the provider may use and share
- Maintain awareness of other relevant federal,
state, tribal, or local laws.
- Be aware of which online educational services
are currently being used in your district.
- Have policies and procedures to evaluate and
approve proposed online educational services.
- When possible, use a written contract or legal
- Know that extra steps are necessary when
accepting Click-Wrap licenses for consumer apps.
- Be transparent with parents and students.
- Consider that parental consent may be