Student data privacy is the “it” issue right now in edtech, as evidenced by a recent special Student Data Privacy Report (free registration required) issued by Education Week. Education Week prefaces the report with a fact that school leaders know all too well—while technology brings great benefits in the way of innovation, it also brings great risks, especially to the privacy of student data and other information.
The report covers a number of important student data privacy issues for schools, including:
- Sharing data between schools and government agencies;
- Pending legislation on the federal level to address student data privacy concerns;
- Lessons learned by schools in security breaches;
- The growing demand for data privacy insurance in schools; and
- The need for better training on data privacy issues.
All of these issues are of crucial importance for school leaders to understand, but in my opinion two deserve the greatest attention.
The first is the growing trend toward obtaining cyberinsurance. Cyberinsurance policies focus on protecting a school district in case of a data breach or network security failure. As the Education Week report points out, these policies were born to serve the private sector, but have evolved to help schools who fear that they may be the next to deal with costly breaches like those that rocked companies like Home Depot and Target. We are seeing more and more of our clients looking into the policies. As always, we advise that you talk with your insurance representative to understand if such a policy is a good fit for your school district.
Training on Student Data Privacy
The second key issue is the need for better training on data privacy issues. School leaders should take steps to educate administrators and educators alike on the district’s policies and procedures regarding student data privacy. What information about a student can be posted online? When can a teacher use an online service or application with students that requires registered student accounts and/or the sharing of student data? What concerns should business managers be on the lookout for relating to contracts for operational services such as student information systems and assessment systems? This is a heavily regulated area of law, so if your school leaders and employees don’t know the answers to these and other important student data privacy questions, training may be necessary to avoid the pitfalls identified in the Education Week report. (Of course, before you can train, you have to have the policies and procedures in place. We talked about this issue in a recent FR Alert that you can check out here.)
I will be talking about these and other student data privacy issues with two of my colleagues, Brian Crowley and Nicki Bazer, at the upcoming “Triple I” Joint Annual Conference of IASB/IASA/IASBO, so hope many of you will come join the conversation then. (For attorneys, I will also be speaking on student data privacy at the ICSA Seminar on School Law that same week). What’s certain is that this issue is only going to grow in importance for school leaders, and staying on top of resources such as the Education Week Report is a crucial part of school leadership in the 21st century.