EdData Privacy Update: 6/4/2015

Safeguarding Data
EdData Privacy Update: 6/4/2015

Every sector in our economy is transitioning to digital operations. That means as personal information is collected electronically, new institutional policies, practices, and security processes to govern the safe and responsible management of these data are required. K12 education is relatively new to this transition in comparison to other sectors like financial services, and privacy and security infrastructure continues to develop and advance across the sector. As schools and districts develop internal systems to safeguard student data, are there established practices in other sectors they can learn from?

A new paper published by experts at EducationCounsel distills promising data privacy and security policies and practices used in financial services, healthcare, and digital application software development into a useful check list of recommended activities for educational institutions.

The authors explain that while education has unique considerations, state, district, and school leaders do not have to start from scratch when they are building out these policies and practices. Many of the challenges the education sector faces are common to other industries. The financial services, healthcare, and digital application software development sectors have already built an infrastructure for safeguarding data, and there are many similarities between their approaches.  Based on their analysis of these similarities, the authors recommend three key areas of focus for districts and schools when working on addressing privacy and security:

  • Establish internal ground rules: Schools and districts should review and improve internal processes for managing data, starting with assessing data collection practices and identifying security objectives.
  • Manage third party vendor relationships: Schools and districts should adopt a vendor approval and governance framework and establish a set of criteria to properly evaluate the risk of providing a vendor with access to student data, for example.
  • Commit to continuous improvement and transparency: Schools and districts should continuously make updates to improve data security policies and procedures, and maintain a commitment to transparency and communication with parents, students, and teachers.

Read the full paper with detailed recommendations here.

Associate Director, Policy and Advocacy
As associate director for policy and advocacy, Taryn helps identify, advocate for, and support changes to state policy and practice that make data work for students. She tracks the changing landscape of state policies that govern education data and helps DQC develop and share resulting insights and recommendations with policymakers and the field. She manages efforts to build DQC’s expertise on the data implications of emerging education issues, such as personalized learning and measuring student growth, and identify action steps state policymakers can take to ensure effective data use while pursuing their education goals.