Why Does Student Data Privacy Matter?
- Legal and Ethical requirements for protecting student’s personal information.
- Protects students from harm, including identity theft, discrimination, and predatory activity.
- Protection from financial risks, loss of classroom time, loss of public confidence, and alienating parents.
- Reassures parents and students about the privacy and security of their personal information.
Do you know all the applications your district is using and who has access to this data? When do districts need a data privacy agreement and why is this important?
Per FERPA, if a third-party vendor is collecting student personally identifiable information (PII), the vendor must be designated as a school official from the district or parental consent is required.
PII is information that can be used to identify a person, even when combined with other known data or context. Something as seemingly generic as a student’s first name can be combined with another piece of information gathered later that will identify the student through the process of elimination.
Student data privacy requires a leader, but everyone is responsible for ensuring student data privacy. Districts without an internal vetting system for their applications put themselves at risk if employees are allowed to approve software for student use without an approved process. The district is taking on the liability of the student’s data without knowledge of the application.
The MO-National Data Privacy Agreement (MO-NDPA) is based on FERPA and gives the district direct control over the student record and designates the third-party vendor as a school official. It provides the district protection in the event of a vendor’s data beach.
To learn more about data privacy and how MOREnet can help: