Tactical student data privacy questions like “What can I do right now?” should be asked by all CIOs, teachers, administrators, and policymakers in this changing landscape of data access, student privacy, and interoperability. In a recent edWebinar, Dr. Larry Fruth, executive director and CEO of the Access 4 Learning (A4L) Community, and Jena Draper, founder and general manager at CatchOn, discussed the challenges school districts face with data access and student privacy. Dr. Fruth suggests that school districts hit the ground running by adding privacy components and security before it becomes a “What should I do right now?” situation. Draper says that school districts need to look at data access from all angles, from the outer layer of the infrastructure to the rogue apps used in classrooms, to create sound data access and student data privacy plans.
The data balancing act
Open access to data has the potential to violate student data privacy regulations, but closed access to data has the potential to lock everything down. The “sweet spot” of data access is critical in the environment where data is no longer used in a silo but used in data conversations around graduation rates, college readiness, and career pathways.
The challenge, as highlighted by Fruth, is how much data should be accessible to the stakeholders. If they have access to too much data, it will feel overwhelming, and if they don’t have enough access, they don’t feel empowered to do what they need to do. For student interoperability frameworks, Fruth explains that the goal is to create a simple data exchange across all the different applications in a digital ecosystem. The reality of interoperability is that data exchange can seem to be simple but is complex. However, no matter how involved and complicated the data management issues are, it needs to be managed, moved, and secured as school districts go through daily operations.
Student data privacy: It’s what you don’t know
“The tools school districts should be most concerned about are the ones they don’t even know are being used,” said Draper. She pointed out that there are 3,500 edtech apps available for classroom use, but there are many more tools and apps that teachers and students are finding on their own. These “rogue” apps are collecting student data and have the potential to be harmful to students and schools.
School leaders should monitor data access in their district by communicating with teachers about the list of district-approved apps and educating them on the district’s, state’s, or region’s privacy policies and regulation. By understanding which tools and apps have access to student data, districts can build a safe student data privacy practice that is in line with their technology strategy.
According to Draper, since 2013, there have been over 500 student data privacy bills proposed in the United States, and this number is expected to double in 2019. States are increasing their legislation and organizations such as CoSN and SETDA are doing work around helping districts “get their teeth around” creating sound student data policies. Access to student data is a hot topic in New York, Florida, and Louisiana, where legislators have created laws that specifically identify what school districts need to understand about what information is going out and what apps have access to their data.