10 Principles for Protecting Student Data

Keith Krueger, CEO – the Consortium for School Networking

Today, having the right high-quality data can help parents, teachers, policymakers, and other stakeholders make informed decisions to improve student achievement. These data include things like student attendance, demographics, college-readiness scores, student growth data, teacher impact on students, success in college, and other useful, appropriate information.

Often, this information is very personal and it is critical that it be safeguarded appropriately. In fall 2014, the Data Quality Campaign and the Consortium for School Networking, along with the major national education organizations, convened to talk about what we could do together to guide and support educational organization to effectively use and protect student information.

The first significant step we took together was to create 10 principles to guide our work and serve as a north star for educational organizations to follow. These Principles have been endorsed by 40 national education professional associations and nonprofits, including the PTA, both teacher unions, superintendents, school boards, principals, chief state school officers, and CoSN. This is a fundamental framework for educational institutions to build upon, above and beyond complying with federal, state, and local laws. This level of consensus by the education community on a controversial issue like privacy is historic.

We believe:

  1. Student data should be used to further and support student learning and success.
  2. Student data are most powerful when used for continuous improvement and personalizing student learning.
  3. Student data should be used as a tool for informing, engaging, and empowering students, families, teachers, and school system leaders.
  4. Students, families, and educators should have timely access to information collected about the student.
  5. Student data should be used to inform and not replace the professional judgment of educators.
  6. Students’ personal information should only be shared, under terms or agreement, with service providers for legitimate educational purposes; otherwise the consent to share must be given by a parent, guardian, or a student, if that student is over 18. School systems should have policies for overseeing this process, which include support and guidance for teachers.
  7. Educational institutions, and their contracted service providers with access to student data, including researchers, should have clear, publicly available rules and guidelines for how they collect, use, safeguard, and destroy those data.
  8. Educators and their contracted service providers should only have access to the minimum student data required to support student success.
  9. Everyone who has access to students’ personal information should be trained and know how to effectively and ethically use, protect, and secure it.
  10. Any educational institution with the authority to collect and maintain student personal information should
    • have a system of governance that designates rules, procedures, and the individual or group responsible for decision making regarding data collection, use, access, sharing, and security, and use of online educational programs;
    • have a policy for notification of any misuse or breach of information and available remedies;
    • maintain a security process that follows widely accepted industry best practices;
    • provide a designated place or contact where students and families can go to learn of their rights and have their questions about student data collection, use, and security answered.

The second significant step is to put those principles into practice and start building what we call a “Trusted Learning Environment”, or TLE for short, in the US. These are the educational leaders who take those principles and put them into practice, along with a strong communications effort to parents, communities and other stakeholder. In addition to CoSN, other lead partners include the superintendents association (AASA), the school business officers association (ASBO) and the curriculum association (ASCD)

Nearly 30 school districts are working to develop the framework for the seal. Our goal, is to have 100 or more school systems adopt the TLE badge by the end of 2016. That is a significant hill to climb, but all of us believe passionately in the effective use of data to support student learning and success, and the critical importance of protecting that data.

Both of these efforts are an attempt by CoSN to help school system leaders reframe the conversation from one around privacy to one of trust and transparency.

If your organization believes this is important, the first thing to do is consider the Student Data Principles. The second thing to do is visit our website, contact us, and get involved.

Images: