A four-part blog series as part of the CoSN Student Data Privacy Advisory’s commemoration of Global Data Privacy Day.
Building a partnership between the technology team and teachers is foundational to ensuring the proper management of student data privacy and a district technology program. In that spirit, think of this as an open letter to teachers to help pave the way for future collaboration:
As educators, we all have a responsibility to protect the students in our care. It’s critical to our work. When considering safety, our thoughts often turn to physical and mental safety, and rightfully so.
However, there’s another aspect to safety that is also in our hands. In many ways, it can be the easiest for us to manage, as it’s almost entirely dependent on the choices that we make. I’m talking about virtual safety – our management of the privacy of our students and the information we know about them.
Consider, for example, the choices made about apps and websites that are used in the classroom. Putting each of those products in the hands of students or using it yourself to support your classroom practices is akin to taking your students (and their personal information) on a “virtual field trip.” As with a real-world field trip, there are questions that must be answered before starting the journey:
- Do you know where they’re going?
- Is it appropriate for them to be there?
- Do you have a plan to keep them safe while they’re out there?
- Do you have permission to take them there?
- Is the provider equipped to have students in their midst?
In other words, you can’t just get on the bus and go. You need a plan.
To get started, do you know where they’re going? What company or organization is behind the app or website you’re interested in using? How do they make their money? Remember that just because the product is free or inexpensive, that doesn’t mean the company doesn’t have a business model. After all, none of us work for free. We need to make sure that the company isn’t using our students or their information as a paycheck, but instead is only supporting their educational needs.
For most of the products and services that you bring into the classroom, the operator will need to qualify as a “school official” under the Family Educational Rights and Privacy Act (FERPA). Your district will have a document explaining its criteria for a school official. It should be easy for you to check, and while you won’t have to make the final determination, it’s important to know if there are any big obstacles well in advance of asking for approval.
Remember that just because a student doesn’t need to log into a product doesn’t mean that their personal information isn’t being captured. It also doesn’t mean that an education record isn’t being created. In fact, it’s often the opposite. In the world of apps and websites, there are a number of data elements that are captured that can identify an individual, and the work progress your students make within a product is very likely still an education record. No one goes to school anonymously, and no one truly uses internet-connected products anonymously, even if there’s no log in.
In addition, keep track of when you stop using a product with your class. When you move on, use that as a firm reminder to tell the provider to delete the class data. This is particularly important when you’ve “clicked to agree” to terms. That’s a contract, and it often doesn’t have an end date. The provider might have no good way to know that you’ve decided to stop using their product with your class, so it might be your responsibility to tell them that it’s time to securely destroy your and your students’ personal information. Your technology team is ready to help you with this. Just ask!
Remember that the technology team wants to collaborate. They don’t ever want to say “no” to you. They don’t want to disallow the products you’ve identified as being useful and important to support your students. However, there are times when they have to. Sometimes a provider’s information practices just don’t meet the requirements of the law or district policy, or use of a particular product might not be sufficient for maintaining the privacy and safety of your students.
The more you learn about how to choose the right apps, websites, and other technologies, the more you’ll be protecting your students. You’ll also be better positioned to work more collaboratively with your technology team to find the products and services that meet your needs in the safest way possible. So, let’s get started. The door is always open.
Author: Louis McDonald, Director of Technology, Fauquier County Public Schools (VA)
CoSN Student Data Privacy Advisory Member
Louis McDonald is the Director of Technology for Fauquier County Public Schools. In his ten years of service with the 11,000 student division, he has been responsible for the migration to a new student information system, design and implementation for the Google Workspace roll-out, and oversight for the 1:1 Chromebook implementation in the division.
Louis McDonald has over 40 years of experience in information systems management, software engineering, strategic planning and project management. Prior to joining the division, Mr. McDonald was the CTO/CIO at Virginia’s Center for Innovative Technology (CIT). His areas of focus included subject matter expert for early stage investments; identifying technology trends, strengths and gaps in information security and emerging technologies; and working with universities and community colleges to ensure leadership and interaction with Virginia’s information technology industry. Mr. McDonald was also a project manager supporting development of the Virginia Department of Education’s Longitudinal Data System for extracting and analyzing insightful education and workforce development data.
Prior to joining CIT, Mr. McDonald worked at The Aerospace Corporation and Hughes Aircraft, where he served as a consultant to the federal government.
Mr. McDonald is CoSN Certified Educational Technology Leader and holds a Bachelor of Computer Science from California State Polytechnic University, a Master of Computer Science from the University of Southern California, and a Master of Information Systems and Federal CIO Certification from George Washington University.
Published on: February 6th, 2022
CoSN is vendor neutral and does not endorse products or services. Any mention of a specific solution is for contextual purposes.