Districts trying to navigate rapidly shifting legal, technical, and parent concerns about student data privacy can take immediate steps, including designating a senior administrator as the person responsible for ensuring adherence to applicable laws and policies.
That’s just one of the new recommendations from the Washington-based Consortium for School Networking, a membership association for school technology officials that last week released two new privacy-related resources.
The first is a listing of “Ten Steps Every District Should Take Today.” The second is a listing of “Security Questions to Ask of An Online Service Provider,” including detailed probes on data collection, network management and security, data storage and access, metadata retention, and more.
“School leaders often need to access information immediately and with minimal hassle. These standalone resources will help district leaders quickly obtain the information and guidance necessary to ensure student privacy,” said Keith Krueger, CoSN’s CEO, in a statement released by the group.
In March, CoSN released a comprehensive data-privacy toolkit for educators. That came on the heels of a number of related resources from other groups, including technical assistance from the U.S. Department of Education and best practices issued by the Washington-based Software & Information Industry Association, an industry trade group.
Among the other steps included in the new CoSN recommendations are making sure district legal counsel are on top of privacy laws before problems emerge, implementing clear processes for selecting instructional apps and online services, and using the procurement process to ensure proper protections from vendors.
Recommended questions to ask of online service providers touch on topics including what data is collected; what kind of backups are performed; whether any student data is stored outside of the U.S., and how data is protected in transit.