Education Framework Blog

Focused on the Future of Education in America

EdPrivacy by Education Framework Recognized For Efforts in Protecting Student Data Privacy

FOR IMMEDIATE RELEASE:

EdPrivacy by Education Framework Recognized for Efforts in Protecting Student Data Privacy

BEND, Oregon - April 25, 2018 - Bend-based enterprise software development company, Education Framework, has been recognized for their ongoing effort to protect student data privacy in school districts across the country. The National School Boards Association (NSBA) recently named Education Framework a 2018 Technology Innovation Showcase Company, highlighting how new approaches in technology advance K-12 education and inspire school leaders to explore and embrace innovative solutions. Additionally, their online student data privacy management service, EdPrivacy by Education Framework, was named a “Cool Tool” in The EdTech Awards by EdTech Digest as the Best Security and Privacy Solution for 2018.

EdPrivacy by Education Framework is a comprehensive online student data privacy management solution for US K-12 school districts. It streamlines the privacy management process and helps ensure that third party online technologies (apps/websites) are respecting and protecting personally identifiable student information (Pii).

The NSBA Innovation Showcase highlights companies based on innovative approaches to challenges across the K-12 curriculum, administrative operations and communication channels. As one of the chosen solutions, EdPrivacy by Education Framework will be featured in NSBA’s magazine for school leaders, American School Board Journal, and participate in a webinar hosted by NSBA’s National Connection program in the coming months.

The EdTech Awards recognize the biggest names in education technology – and those who soon will be. Victor Rivero, editor-in-chief of EdTech Digest, overseeing The EdTech Awards, said: “The innovators, leaders, and trendsetters represented here are dauntless, dedicated, and determined in their work. Thus, we very proudly recognize, acknowledge, honor, and celebrate the biggest names in edtech – and newer talents shaping the future of edtech.”

"We are extremely proud of the recognition.” said Jim Onstad, President & Co-Founder of Education Framework. “As parents of school-aged children and student privacy advocates, this effort is near and dear to us. This [recognition] further supports our mission to protect the privacy of every student in America, and is testament to our efforts, our team and our collective vision.”

About EdPrivacy by Education Framework

EdPrivacy by Education Framework is the world’s first online student data privacy management system designed to help K-12 school districts proactively protect student Pii. With over 5500 vetted technologies available for immediate review to partner districts, the EdPrivacy service is a comprehensive database of information that simplifies and streamlines the privacy management process. Helping educators and administrators better understand the privacy and safety of the online technologies used in their districts, EdPrivacy actively engages parents in the privacy conversation and manages the privacy process with transparency and accountability. Education Framework is headquartered in Bend, Oregon. To learn more or to request a demo, visit EducationFramework.com.

Contact

For Education Framework Katie Onstad, 541-915-8840 katie@educationframework.com

###

EdPrivacy by Education Framework selected as an Edtech Awards Cool Tool Finalist in Security/Privacy

We are proud to announce that EdPrivacy by Education Framework has been selected as a 2018 Edtech Awards Cool Tool Finalist in Security/Privacy.


The EdTech Awards recognizes people in and around education for outstanding contributions in transforming education through technology to enrich the lives of learners everywhere.


“We celebrate who’s who and what’s next in edtech,” said Victor Rivero, who as Editor-in-Chief of EdTech Digest, oversees the awards program.


Full press release posted below...




https://i0.wp.com/edtechdigest.com/wp-content/uploads/2018/02/ED-TECH-Awards-Horizontal-RGB.png?resize=375%2C212&ssl=1



FOR IMMEDIATE RELEASE



FINALISTS REVEALED FOR THE EDTECH AWARDS 2018


Top leaders, innovators, and trendsetters announced to millions interested in creating a better future for learning with the help of technology.


The finalists for The EdTech Awards 2018 have been announced today to a global online audience of millions of educators, technologists, students, parents, and policymakers interested in creating a better future for education.


Now in its 8th year, the US-based program is the largest and most competitive recognition program in all of education technology, recognizing the biggest names in edtech – and those who soon will be.


“We celebrate who’s who and what’s next in edtech,” said Victor Rivero, who as Editor-in-Chief of EdTech Digest, oversees the awards program.


The EdTech Awards recognizes people in and around education for outstanding contributions in transforming education through technology to enrich the lives of learners everywhere.


Featuring edtech’s best and brightest, the annual program shines a spotlight on cool tools, inspiring leaders and innovative trendsetters across the K-12, Higher Education, and Skills and Workforce sectors.


The EdTech Awards recognize people—and the products they produce and lives they shape— with three main honors:


  • The EdTech Cool Tool Awards

  • The EdTech Leadership Awards, and

  • The EdTech Trendsetter Awards.


This year’s finalists include:


FINALIST LIST – https://edtechdigest.com/2018-finalists-winners/



Finalists have been selected from thousands of entries.


The edtech ecosystem is now more than 15,000 companies strong, with hundreds of thousands of educators using technology to enhance, improve, and transform their everyday work.


The EdTech Awards were established in 2010 to recognize, acknowledge, and celebrate the most exceptional innovators, leaders, and trendsetters in education technology.


More than US$50 Billion has been invested worldwide across the global edtech landscape in just the last several years.


Past winners include Blackboard, ClassLink, Coursera, Discovery Education, DreamBox Learning, Edmodo, Edthena, Flipgrid, Freshgrade, Promethean, Scholastic, Schoology, SMART Technologies, Smithsonian Learning Lab, and zSpace, among others.


This year’s finalists and winners were narrowed from the larger field and judged based on various criteria, including: pedagogical workability, efficacy and results, support, clarity, value and potential.  


Victor Rivero, who as Editor-in-Chief of EdTech Digest, oversees The EdTech Awards, said:


“Congratulations to the finalists and winners of The EdTech Awards 2018 and may their resolve inspire others.


“The innovators, leaders, and trendsetters represented here are dauntless, dedicated, and determined in their work.


“In this age of rapidly accelerating technological growth, it might be easy to lose sight of what moves everything forward: the indomitable power of the human spirit.


“But in no other field is the human spirit more alive than education, where educators and supporting technologists are literally shaping our future.


“The work of the educator is often undervalued and overlooked, but educators and technologists supporting them play a leading role in our world.


“Thus, we very proudly recognize, acknowledge, honor, and celebrate the biggest names in edtech – and newer talents shaping the future of edtech.”



Further information about The EdTech Awards is available here:

https://edtechdigest.com/


For more, see #EdTechAwards and follow @edtechdigest here: https://twitter.com/edtechdigest


Privacy & Security of Student Data: An Increasing Concern for IT Leaders

A recent article by eSchool News highlights latest COSN survey, stating: 

IT leaders list student data privacy as one of their primary concerns.


According the the fourth annual K-12 IT Leadership Survey Reportbroadband and network capacity top the list of priorities for school technology leaders. But the survey also indicated that they're spending more time and devoting more resources to student data privacy and security than in previous years. 

Major IT findings emerged from the survey and are outlined in the report:

1. Broadband and network capacity is the top priority for IT leaders
2. Privacy and security of student data is an increasing concern for IT leaders
3. Districts are turning to digital learning materials.
4. Ninety-nine percent expect to incorporate digital Open Educational Resources .
5. Nearly 80 percent of IT leaders use online productivity tools 
6. District bans on student devices are shrinking. 
7. The path to IT leadership differs for women and men
8. Racial diversity in IT leadership is lacking
9. IT leaders have advanced education.
10. Demographics are changing

The article indicates that respondents major challenges include budget constraints and lack of resources; the existence of silos that hamper collaboration; and lack of vision and support from senior district leadership.


Secret to Student Privacy

In previous posts, I’ve shared tips to help you better understand the rules and laws governing student privacy. I’ve provided resources to guide and assist you in navigating the student privacy quagmire, and I’ve offered recommendations to help you proactively manage your student privacy obligations with transparency and accountability. Today I address the importance of educator buy-in; a key component to consider when creating, designing and implementing a successful student privacy program in your school or district.

Managing student privacy is no simple task. Implementing a successful student privacy initiative takes a lot of work. It involves considerable amounts of time, commitment, and resources - three things most schools and districts are already running short of. But despite any perceived limitations, it is vital that educators understand the importance of student privacy and make concerted efforts to ensure student information is safe, secure and protected.

Investing in protecting student privacy is a worthwhile endeavor.

It is important to give student privacy the attention that it rightfully deserves. This starts with fostering the belief that protecting student privacy is, indeed, a valid, pressing and necessary cause, worthy of our time and consideration. It involves cultivating a mindset where everyone understands that protecting student data is no single person or department’s responsibility – instead, it is everyone’s responsibility. It requires establishing clearly defined roles, and thoughtfully laid out plans that incorporate transparency and accountability measures into your everyday thinking. And it demands putting teachers on the front lines as the guardians of student information, while providing them with the support, training and tools they need to learn, grow and excel. Because without teacher understanding, support and essential buy-in, there is little likelihood of success.

Teacher empowerment is crucial to success.

Teachers play a critical role in implementing successful student privacy initiatives, no ifs, ands or buts about it. Teachers are the first touch point for parents and students. They are the ones with the greatest understanding of what’s really going on in the classroom; their fingers directly on the pulse of learning. They know which apps and websites are being used, who is using them, and how they are being used. They see first-hand who they help and who they hinder. And they understand, be it good, bad or ugly, the value that each piece of technology brings to the table. They are the ones with the knowledge. Yet, despite the value that teachers offer, they are often left out of the planning conversation. 

It's ironic that many decisions affecting technology usage in schools are often made outside of the classroom, at the administrative level, and absent of teacher input. But just as IT directors, school and district administrators, state and local policymakers, and even parents have a uniquely qualified perspective when it comes to protecting student privacy, teachers do too. Theirs, in particular, should be of legitimate concern, with administrators and policymakers giving weighty consideration to their point-of-view. Unfortunately, that is rarely the case. This discouraging disconnect is a weakness that jeopardizes privacy efforts in schools and districts across the nation.

Protecting student privacy is everyone’s responsibility.

It is time that we start looking at the big picture when it comes data use in our schools. We can no longer presume that someone else is taking responsibility for protecting student data, because more often than not, they're not. The sooner we all acknowledge that, the better we will be.

It’s important that everybody with a stake in education – students, parents, teachers, administrators and policymakers, come together to ensure concrete efforts are in place to protect student privacy. This means properly vetting apps and websites before they are approved for usage in the classroom. It means thoroughly reading privacy policies, understanding what information is being collected from students, and knowing exactly how the data is being used. It also means staying current with local, state and federal laws and regulations, and establishing clearly defined objectives that outline what is acceptable in your state, school or district, and what is not. Communicating this information clearly is key to minimizing confusion.

It’s also important that schools and districts engage participants from the onset by providing clearly defined plans and procedures. This fosters unequivocal understanding of the vision from the start, and minimizes any confusion or misinterpretation throughout its application. Providing regular communication, like posting real-time updates via an easy-to-access school or district website engages parents, teachers and administrators in the privacy conversation and ensures privacy efforts are being addressed at each and every level. Through the creation of easy-to-read guidelines and clearly defined protocols, schools and districts empower their thought leaders to share in the privacy responsibility.

The importance of educator buy-in

A successful student data privacy initiative is built upon a foundation of trust and communication, with integrity, transparency and accountability at its core. It requires dedicated time, energy and resources to thrive and succeed. But in order to function properly, it also needs educator advocacy. 

Giving teachers a say in this matter goes a long way towards making inroads to change. It helps them be a part of the solution, instead of a source of the problem. But in order to do this effectively, teachers need the necessary tools to help them learn, improve and prosper; ones that allow them to make thoughtful, calculated decisions based on empirical data. It’s really that simple.

The secret to properly protecting student privacy is putting teachers in the driver’s seat. This ensures that privacy is being considered from the boardroom to the classroom, with the student at the center of the discussion. It's time for schools and districts to reevaluate the role that teachers play in safeguarding student data and empower them to be the gatekeepers.  The sooner this occurs, the better off we will be. 

Do you agree? I'd love to hear your thoughts! I encourage you to post your comments below.

EdSurge Tech for Schools Summit - Riverside, CA


We are happy to share that Education Framework will be participating in the EdSurge Tech for Schools Summit in Riverside, California, where we will be sharing our student privacy and parental consent software solution, EdProtect, with educators and administrators during the two day event. 

We are especially looking forward to this event because it gives us the opportunity to learn first-hand how the new privacy laws are directly affecting schools and districts in California. We want to better understand how administrators are handling their privacy obligations under SOPIPA and provide assistance to those looking for help and guidance.

Friday, January 22
7:45am – 3:15pm

Saturday, January 23
8:00am - 3:00pm

Interested in attending? Please visit here >>

2016: The Year of Student Privacy


If we had to use one word to sum up the current state of student privacy, we would have to go with “complexity.” Technology has become more and more entwined in our schools and into students’ lives; pilot programs like iPads will soon become standard at every school and grade level. Elementary school children who used to learn the Three Rs are now learning things like programming, robotics and engineering. Rote memorization has been replaced with gamified learning. And what would be early-adopter technology for this year’s kindergartner, like wearable tech and virtual reality, may be a standard educational tool by time she becomes a sixth grader.

While technology will always move faster than legislation, all levels of government are feverously working to spell out the rules for how we treat student data. As with any legislation, there are many different interest groups with different ideologies and priorities. A simple question like “Who is responsible for student data?” will be answered very differently by state legislators, local school boards, teachers, parents and technology companies; each wants control while shielding themselves from any liability.

And liability is a reality. Right now your student data is at risk with grave consequences. We live in an age where Fortune 500 companies are routinely hacked, exposing the sensitive data of millions of customers for all to see and steal with the click of a mouse. If all the resources of companies like Target, Sony and Home Depot can’t protect their data, what hope does the average overworked, underfunded school district IT department have? Not only do they need to protect from outside threats (or mischievous students); they need to protect the data from their software vendors who may want to collect it for marketing purposes. Short of reading hundreds of ever-changing Terms of Services for every app and software your district uses, you have no idea how your vendors use the data they collect, where they store it, when they delete it, who has final control over it or perhaps even how to access it. 

Because of all this complexity, we believe this is the year student data becomes one of the most important issues facing a school district. The choices schools, legislators and technology companies make over the next 12 months may end up being the foundation for what is considered standard in student privacy.

We created EdProtect to give schools the choice of the highest level of student data privacy possible. Because we’re not just developers; we’re parents. We’re as excited by all the new technology in schools as anyone, and wholeheartedly believe in the power of technology to help our kids learn. But we’re also increasingly concerned about the security of student data. And we’re not alone: 87% of parents surveyed are worried their child’s information can be stolen, with 85% responding that their willingness to support technology in schools must be coupled with efforts to ensure security.

Whether you are ready or not, this is the year your school needs to make a commitment to protecting student data. Learn more about how our tools make ensuring student privacy simple and sign up for a free demonstration today.

Student Data Privacy Best Practices


Understanding that you need to do something and knowing what to do are two very different things. But simply breaking things down into smaller chunks often allows one to see more clearly, understand how the pieces fit together, and determine how to tackle each piece individually to achieve a positive end result. 

Today, we are utilizing this approach with regards to managing student data privacy. By breaking it down into simpler components, we are condensing a vast and often confusing array of information into a manageable set of guidelines for educators to follow. 

Based on best practice recommendations from the U.S. Department of Education Privacy Technical Assistance Center (PTAC) and other leading education organizations, we have assembled three easy-to-remember recommendations to help protect student privacy. They are as follows: 

1. Be Knowledgeable - Understand the privacy landscape and your legal obligations.

  • Know your student privacy laws. Federal laws include FERPA, COPPA and PPRA, but new state regulations are being implemented all across the nation, so it is important to know what is going on in your state. 
  • Create data inventories to fully understand the scope of information being collected and shared. 
  • Track which online and educational services are currently being used in your district.
  • Monitor privacy policies for changes.

2. Be Accountable Establish a data governance plan and guidelines to follow. 

  • Make a plan that addresses the full life cycle of data, from acquisition - to use - to disposal. Ensure the individual privacy and confidentiality of education records by defining rules.
  • Have policies and procedures in place to evaluate and approve online educational services. Determine who has purchasing authority and proactively define the scope and limitations of that authority. 
  • Use written contracts or legal agreements laying out security and data stewardship, data collection, data deletion, data use, data retention, data disclosure and data destruction provisions. 
  • Consider parental consent even in instances where federal law does not require. 

3. Be Transparent - Communicate your plan and engage parents in the privacy conversation. 

  • Post information about your student data policies, practices and usage on an easy-to-locate public webpage. Utilize parent-teacher dashboards, if possible. 
  • Be explicit about what information you collect about your students, and what that information is used for. 
  • Explain what, if any, personal information is shared with third party service providers, and how that information is safeguarded. 
  • Let parents know where they can get more information.

By following these recommendations, school and district administrators are taking necessary precautions to protect their students and their districts from harm. As mentioned in our previous blog entryPTAC has a wealth of resources available to help. They have even created a specific checklist for developing school district privacy programs. 


There are also automated student data privacy solutions available to help schools and districts proactively manage privacy obligations with transparency and accountability. Solutions like EdProtect take the guesswork out of managing student data privacy and offer an added layer of security, providing peace-of-mind for those tasked with protecting student information.  

Student Privacy 101: The low down on the laws of the land


Long gone are the days when protecting student information meant locking a filing cabinet. Today, with students using hundreds of different apps over the course of their education, software providers obscuring how they use data in complicated Terms of Service contracts, and an ever-shifting legal landscape, it can be extremely difficult for administrators, teachers and parents to know exactly what they need to do to protect their student data.

Over the next few posts we’ll be exploring the different factors affecting the world of student data. Our goal is to demystify the subject of student data privacy and help bring you up to speed so you can address this serious topic in your school district.

Today we’re starting by taking a current snapshot of the legal landscape. Federal laws like the Family Educational Rights and Privacy Act (FERPA) and the Children's Online Privacy Protection Act (COPPA) work to ensure student data is only used for authorized purposes; protects that data from further disclosure or other uses, like marketing or being resold to others; and mandates that it is destroyed when no longer needed for the authorized purpose.

While these laws lay a foundation for educators and online operators to follow, they don't necessarily cover all aspects of data collection and deletion. For this reason, many states are now creating their own, more specific student data privacy laws to define what is and what isn't acceptable when it comes to the collection of student information in their respective states. 

Over the past two years, nearly every state has introduced its own legislation addressing student data privacy. In 2014, California passed the Student Online Personal Information Protection Act (SOPIPA), the first of its kind, which has since been used as the model for much of the legislation being introduced by other states.

Many of these are focused on creating greater transparency and accountability for educational data, clarifying the data and privacy activities of third-party service providers, and giving parents the ability to have a say in the management of their children's privacy. They generally fall into two types of approaches: prohibitive rules that seek to limit or halt certain types of collection or uses; or governance rules that seek to establish procedures, roles and responsibilities. In addition, numerous bills have established fines and penalties for data misuse and breaches to ensure accountability.

However, for everyone with a stake in education - teachers, parents, school & district leaders, and state & federal policymakers - the new challenge is knowing what all this actually means and understanding how to properly implement an effective plan to manage student privacy. Thankfully, there are resources available to help. 

The U.S. Department of Education’s Privacy Technical Assistance Center (PTAC) is a terrific resource for understanding your legal requirements and what steps you need to take to establish compliance. The Privacy Toolkit in particular provides a useful centralized depository of materials to guide schools and districts looking to improve the security and privacy of their student data. 

In addition, groups like the Future of Privacy Forum (FPF) and the Software and Information Industry Association (SIIA) seek to create change from the industry side by encouraging members to sign the Student Privacy Pledge, committing to use student data in a responsible way. The pledge is intended to hold school service providers accountable and encourage effective communication with parents, teachers and education officials about how student information is used and safeguarded. 

Tools like EdProtect take it one step further and actually manage the process for you. Designed to protect students from data abuse, it ensures that schools and districts are in complete compliance with various federal and state regulations, engages parents in the privacy conversation, and lessens the risk of costly fines and penalties associated with the mismanagement of student information. Resources like this are crucial for helping administrators, IT staff and teachers proactively manage their student privacy obligations with transparency and accountability.

To learn how EdProtect makes your job easier, sign up for a free demonstration today.

Montana High School Inadvertently Exposes Sensitive Student Information

In what has been termed an “unintentional data breach,” a Montana school district is in hot water today as the nation learns that they inadvertently shared extremely sensitive student information in an email to parents. 

The email, sent to 28 parents, contained highly sensitive academic, medical, disciplinary and criminal information about hundreds of students at Hellgate High School in Missoula, Montana. 

In all, information disclosed included the names of students...

  • in school-based mental health counseling
  • diagnosed with developmental disabilities 
  • involved in family-abuse cases
  • suspended or have been involved in other disciplinary measures 
    • including the nature of their infractions,
      • alcohol and drug use, possession of weapons and thefts.
  • not compliant with immunization requirements 
  • failing classes
The email also included a single page of a performance evaluation for a teacher.

On Monday afternoon, Missoula County Public Schools (MCPS) said in a statement that the cause of the data release remains under investigation. 

"We deeply apologize for any inconvenience or concerns this incident may cause for our students and families," MCPS Superintendent Mark Thane said in the statement. "While this was an unintentional release of information, we understand that the district is ultimately responsible to safeguard student information."

According to parents who received the email, the school contacted them shortly after it was sent and asked them to delete it without reading the attachment.

MCPS on Monday declined to comment on how the assortment of information came to be included in the single file. 

UPDATE: Read Superintendent Mark Thane's response letter here >>