Busting the Student Data Privacy Myth
It is possible to balance security with data-driven instruction. Here are five ways to achieve a balance that works for administrators, parents, and technology companies.
By Jack Macleod
Tracking student data gives educators the power to make more informed decisions in their instruction for better student outcomes. But with great power comes great responsibility.
That’s why schools and ed tech companies alike are increasingly making student privacy a top priority. Still, many remain wary about data privacy issues—often due to confusion or lack of information on how the issue has progressed.
Let’s set the record straight on how education-technology companies and schools can find the right balance between the benefits of data-driven instruction and maintaining student privacy.
Myth #1: The privacy-concern drawbacks of tracking student data outweigh the benefits.
Fact: Student data is an invaluable resource, not only to school leaders and educators, but also to parents and students. School leaders use student data to direct decision-making. With enough data, they are able to synthesize information about student performance school-wide and identify whether additional education resources need to be allocated. It also helps teachers drive their instructional choices because they can see where students are excelling and in what subjects they might need more support. Student data gives parents and guardians a window into the classroom so they can better support their child, and students have access to more comprehensive feedback so they can make better choices about their education.
The proof is in the research, too—data-driven instruction leads to better student performance. According to a 2012 report from the Data Quality Campaign, in a study of Oregon schools, those who provided embedded data training for teachers saw a significant boost in test scores and decreased the achievement gap in reading and math at a faster rate than schools without access to data training.
Myth #2: Digitally stored student data will follow a student for the rest of his or her life.
Fact: Best practices set by leading education organizations call for the safe and responsible deletion of student data. School leaders know that student data is not a new concept—schools have stored analog data in files for years. Not only is it easier to safely purge digital data records, but influential education organizations provide guidelines for schools on how to handle student data and make sure vendors are disposing of this data responsibly.
CoSN released the toolkit Protecting Privacy in Connected Learning earlier this year. Schools are advised to contractually require vendors to 1) only keep data as long as it is necessary to perform the services to the school; 2) return all records and delete all copies in possession upon termination of a contract; and 3) dispose of collected data by reasonable means to protect against unauthorized access.
Myth #3: Vendors will sell student data to marketers.
Fact: Under FERPA, a vendor cannot use education records in any way that is not authorized by the school district it serves. By penalty of law, vendors are required to protect student data and forbidden to sell the information. However, there is a valid concern that some companies will use the data themselves for marketing efforts. It is important for school leaders to make sure contracts with vendors specify that the school or district owns the data and clearly defines how the vendor will use the data. Many vendors committed to education are voluntarily making changes to contracts to address these concerns, as well as taking extra precautions with data security.
Myth #4: Student data can be hacked easily.
Fact: Many ed-tech companies are taking steps to protect student data. In an effort to be a trusted resource to the schools they serve, more and more companies are putting industry security standards and best practices into place to make sure student data is as secure as possible, including utilizing SSL encryption and performing regular penetration testing, vulnerability management, and intrusion prevention. At my company, Alma, one of the driving factors of creating an all-in-one secure platform is that data can flow seamlessly between tools with lower security risk. Schools are getting smarter about which companies they decide to work with, too. CoSN compiled a list of question that school districts should ask when looking into a potential vendor.
Myth #5: Parents don’t need to have an active role in setting privacy norms and policies.
Fact: Parents are key stakeholders in the issue of student data privacy. Schools have a responsibility to make sure parents and guardians understand what measures are being taken to protect their children’s information. The Department of Education released a list of best practices for such conversations. There are also a number of resources available from organizations such as Common Sense Media and the Data Quality Campaign that school leaders can suggest to parents so they can become more informed about privacy issues.
Ultimately, it comes down to finding that balance—a solution that offers mission-critical information to schools, teachers, parents, and students while ensuring that information is accessed safely and securely. Once the fear of “big, bad student data” is relieved, schools can receive the full benefits of the information and the insight that student data can provide.
Jack Macleod is president of Alma, an education technology company that offers a holistic student engagement platform for K-12 schools and districts. Alma has offices in Portland, Oregon, and Washington, D.C.