10 data safety principles every school should be following

Are you following this checklist of best practices for safe data collection and use?

The Consortium for School Networking ^[1] and the Data Quality Campaign ^[2] have released a new set of 10 principles to help guide schools in protecting the student data they store. The guidelines spell out dos and don’ts of collecting and storing data as well as best practices for sharing and using them appropriately.

For example, the new guidelines suggest limiting access to student data, collecting only what’s necessary, and providing training to anyone coming in contact with it. Suggestions for proper governance is also included.

CoSN and the Data Quality Campaign were joined by 30 national education organizations ^[3] representing parents, teachers, principals, superintendents, state boards of education, chief technology officers and others in drafting and approving the guidelines—the first of their kind.

“Educators will only gain the trust of parents and families if student information is used responsibly, ethically and only when necessary to benefit students. This is a very important effort by the education community to work together to articulate core beliefs and a commitment to building transparency and trust,” said Keith Krueger, CEO of CoSN.

Next page: 10 student data principles

The 10 student data principles are:

1. Student data should be used to further and support student learning and success.
2. Student data are most powerful when used for continuous improvement and personalizing student learning.
3. Student data should be used as a tool for informing, engaging, and empowering students, families, teachers, and school system leaders.
4. Students, families, and educators should have timely access to information collected about the student.
5. Student data should be used to inform and not replace the professional judgment of educators.
6. Students’ personal information should only be shared, under terms or agreement, with service providers for legitimate educational purposes; otherwise the consent to share must be given by a parent, guardian, or a student, if that student is over 18. School systems should have policies for overseeing this process, which include support and guidance for teachers.
7. Educational institutions, and their contracted service providers with access to student data, including researchers, should have clear, publicly available rules and guidelines for how they collect, use, safeguard, and destroy those data.
8. Educators and their contracted service providers should only have access to the minimum student data required to support student success.
9. Everyone who has access to students’ personal information should be trained and know how to effectively and ethically use, protect, and secure it.
10. Any educational institution with the authority to collect and maintain student personal information should have a system of governance that:

• have a system of governance that designates rules, procedures, and the individual or group responsible for decisionmaking regarding data collection, use, access, sharing, and security, and use of online educational programs;
• have a policy for notification of any misuse or breach of information and available remedies;
• maintain a security process that follows widely accepted industry best practices; and
• provide a designated place or contact where students and families can go to learn of their rights and have their questions about student data collection, use, and security answered.

Additional information about the principles is available online at www.studentdataprinciples.org ^[4] or via DQC’s resources on safeguarding student data and using data to support student achievement.

Material from a press release was used in this report.