What is Giving Compass?
We connect donors to learning resources and ways to support community-led solutions. Learn more about us.
Giving Compass' Take:
• A new report from the Center for Democracy & Technology recommends that schools should hire chief privacy officers to protect student data and can address online security breaches.
• How can schools work with these officers to set in motion more privacy restrictions around student data?
• Read about the concerns over student data and privacy.
A principal names suspended students in a widely circulated newsletter, violating student privacy laws. A district inadvertently uploads students’ names, grades and special education status to a public website. An ed tech company’s bankruptcy puts student records at risk of being sold.
Though the federal law protecting student privacy — FERPA — is more than 40 years old, the education world continues to experience large breaches of confidentiality. And as technology increasingly expands ways to collect, store, and retrieve data, the risk of theft or inappropriate access also increases.
That’s why the Center for Democracy & Technology, a Washington, D.C.-based nonprofit, recommends in a new report that the education world turn to a resource used by business and other government entities: chief privacy officers.
In education, privacy responsibilities are often distributed across multiple people who have little training, said Elizabeth Laird, a student privacy senior fellow at the center who wrote the report. This results in data being kept far longer than it should and lax rules on the collection of student information by third-party vendors such as education technology companies.
A chief privacy officer in the education sector would be responsible for setting privacy policies at the state, district, or school level. For example, the officer would determine who has access to what data, create rules for how long data is kept and when it is deleted, and make sure individual students cannot be identified from publicly reported information.
The officer would also train staffers responsible for collecting and reporting data and make sure security teams follow best practices.
To make this role a priority, the report recommends legislation creating a chief privacy officer at the state or district level. Providing funding for privacy efforts is also critical for upgrading or replacing data-storage systems, the report said.
Read the full article about protecting student data by Kate Stringer at The 74