Centering Privacy

Leaders must prioritize safeguarding data as a central consideration when designing data policies and practices.

Any time state leaders use data to make decisions about policy that can better support individuals on their education and workforce journeys, they must ensure that they are taking steps to protect and secure data. But privacy is about much more than legal compliance. In addition to adhering to security best practices and laws, leaders at all levels must build trust with community stakeholders by ensuring responsible data use, transparency, and public value.

Why Centering Privacy Matters

As data practices and technology evolve, data policies must evolve with them. Centering privacy ensures that there are appropriate privacy guardrails in place that align with state values and goals for data use.

How Can State Policymakers Center Privacy?

There are four key steps that policymakers can take to center privacy:

Establish data governance that creates transparent processes to guide how data is used and protected.

Improve privacy, security, and communications policies and practices to adhere to evolving standards.

Build capacity and a culture of responsible data use. Ensure that everyone with a part to play in keeping data safe and secure has the training and support they need.

Communicate and demonstrate the value of data to build trust with communities and the public.

By focusing on transparency, governance, and data protection procedures, state leaders can effectively prioritize data privacy as a part of data use. By investing in the people, governance structures, and policies needed to safeguard privacy, state leaders are ensuring that they’re able to adapt to changes in technology and data use.

Policy in Practice

State leaders across the country have prioritized statewide policies to safeguard data. While the work of protecting data is never done, the following foundational actions are important steps for leaders to center privacy in a statewide culture of data use.

Enacting statewide data privacy laws

Between 2014 and 2020, 45 states and Washington, DC enacted new student data privacy laws to guide the protection of student data. While these laws take many forms, states have largely focused on creating data governance and transparency responsibilities for state education agencies, and instituting requirements and restrictions for online education service providers.

Requiring Chief Privacy Officers

Some states have enacted laws that establish a Chief Privacy Officer within the state’s education agency. Creating a leadership position devoted to making strategic decisions about how to ensure that privacy is protected embeds data privacy within the state’s culture of data use.

Improving transparency about data collection

States have taken steps to improve transparency in data collection, often by creating public inventories with information on the types of data the state collects and how it’s used, shared, and protected. To build trust with the public, state education and workforce agencies can include easy-to-find and understand information about how data is safeguarded and collected on their websites.

Supporting local agencies and leaders

States have an important role to play in supporting districts’ ability to center privacy. States can provide resources such as model governance policies, model contracts, and tools that align with state education and workforce privacy policies.

Featured Resources

Recommendations for areas for federal action to frame the discussion about what the federal government can do to support safeguarding student data.

More on Centering Privacy

Data 101

Data is one of the most powerful tools to inform, engage, and create opportunities for individuals along their journey through education and into the workforce—and it‘s much more than test scores.

About Us

We advocate to change the role of data to ensure that data works for everyone navigating their education and workforce journeys.