Stories about data breaches across all industries have dominated headlines in recent years, and while these data breaches are alarming, they also have raised awareness about how to handle student data privacy, said Geoff Fletcher Geoff Fletcher, SETDA’s deputy executive director, who moderated the panel discussion.
Those conversations generally focus on the same topics: how to use student data to inform teaching and learning, and how to keep data private and secure.
It’s worth noting, panelists agreed, that data privacy and data security are two different things. Data privacy deals with giving information access only to those who are going to use student data to improve student outcomes. Data security refers to the act of protecting that data from hacks and breaches.
At the end of the session, Fletcher asked each panelist to list one priority or key point to focus on when it comes to collecting, safeguarding, and using student data.
“Always start with the value of the data, and get the conversation to a place where we agree that this is good,” said Paige Kowalski, director of State Policy and Advocacy with the Data Quality Campaign. “Talk about what you’re already doing to protect privacy and security, acknowledge that there’s work to be done, and get stakeholder buy-in on what the next steps should be.”
Amelia Vance, a policy analyst with National Association of State Boards of Education, said it’s essential that school leaders “update your website. Make it easy for people to identify the information you’re collecting and why you’re collecting it. If parents can’t find the answers to their very basic questions, they’ll think you’re hiding something from them. [Aim for] transparency.”
“Profile the data systems you have [in a] better [way], so you understand the data in the system, what it’s used for, and how long it’s in the system,” said Scott Gallant, a consultant with Gallant Consulting Group.” You can quickly adapt to difficult questions if you really understand your systems.”
“Start with the student–the student’s well-being and education–before you grab for that shiny new thing,” said Joni Lupovitz, vice president of Policy for Common Sense Media. “Outline what we really need to help our kids learn better, while also protecting their privacy and confidentiality. This, she said, can help parents and stakeholders understand that data use can benefit students’ learning and overall achievement.”
“ For state school leaders, explain very clearly what it is you’re doing with data. For developers and vendors, make what your system is doing really simple and transparent,” said Richard Culatta, director of the Office of Educational Technology in the U.S. Department of Education.
All panelists touched on transparency and agreed that parents have to be informed about student data collection and use policies, and must feel that schools and vendors are transparent in their efforts and actions.
Once that happens, school leaders should explain that the data will remain secure.
“[Data use] is more than being transparent; it’s taking the next steps and explaining how it’s going to be kept secure and confidential,” Lupovitz said. “It’s only used to further kids’ educational interests. There’s lots of information out there, and the thing is to get ahead of it, show parents that not only are we using it to help the kids, but everyone is doing their best to keep it secure and confidential.”
Vendors’ roles should not be underestimated.
The timeline to build parents’ trust is very short, Culatta noted. And the process should be simple. “If the explanation is too complex to understand, it’s probably too complex to be doing,” he said.
“Schools and districts have a role to play in building trust,” Lupovitz said. “A lot of it comes down to picking the right vendors. Vendors should step up to the plate and show that they’re thinking about it, too, and don’t want kids’ data [in order to] exploit it.”
“Frequently at ed-tech conferences, you don’t hear a lot about privacy,” Vance said. “Vendors say their privacy measures help kids, but they don’t articulate the value added. Products can be terrifying for parents—most parents are a little afraid of these sorts of things. Make sure your product is helping kids, and also isn’t scaring the population.”
“It’s good to see chief privacy officers come on board in companies,” Gallant said. “Lots of guidance is starting to get pumped out right now. Make sure someone in your organization is really taking a look at that.”