In the past year we’ve had hundreds of conversations with educators and students about student support needs. It’s critical that as schools capture more data about support needs that well-defined policies and practices are in place to protect privacy, and student data privacy has come up in almost every conversation. Many schools are tracking student information for Multi-Tier Systems of Support (MTSS) using spreadsheets and other simple tools that don’t allow for efficient or effective use of the data to support student success — which is one reason we’re building Intellispark Pulse. As MTSS becomes more embedded in practice, it’s critical to address the student data privacy implications and ensure that everyone with access to the data understands how to protect it.

Student data privacy is top of mind for us, and we know it is for the schools and students we serve. With this in mind, we invited Linnette Attai, a noted expert on the subject to provide a guest blog post. She offers a path to training teachers on properly managing  student data privacy that can give peace of mind to all who serve students.   

—   — —   — —

The modern school district collects a vast array of information from and about students, often used to develop deep insight into how their students are learning and progressing. Leveraging that information properly to ensure that each student succeeds depends in large part on how well teachers are able to use it to inform their classroom practices.

Unfortunately, as school districts ask teachers to do more with student data, many are not yet training their teachers on how to properly protect student data privacy. Instead, many districts focus their student data privacy programs almost entirely on the technology. It’s understandable. The complexities of assessing the privacy and security practices of the companies running the technology brought into districts and managing them in a manner that protects student data is a significant undertaking. In addition, given the already heavy load of training that teachers are required to complete, it’s often challenging to add one more topic to the mix.

However, the key to truly protecting privacy rests in our behavior. Everyone has a role to play in protecting student data privacy, and everyone needs to know how to act in order to do it well. If we expect teachers to do their part in protecting student data privacy, we need to provide them with guidance. 

Here are some tips for developing a training plan with minimal disruption and minimal resources: 

Decide on the Content

            Everyone should be trained on federal and state legal requirements, district policies and security, including phishing, password requirements and secure transmission of student data. Team training should be more granular. For example: What specific behaviors are necessary for each team to protect student data privacy? How do those help ensure legal compliance? What is the process for ensuring that only compliant technology is used in the classroom? What are the rules for sharing data? What specific policies and procedures apply to your teachers? Why are they important?  Make your list, and remember that you don’t need to deliver all of the lessons at once.

Gather the Materials

            Do you have training materials you can leverage or will you need to create them? What is available to you from the US Department of Education or neighboring districts to get you started? Crowd-source materials, working with other districts and state boards of education that have already developed their training. Then consider how people are to behave to comply with your own district policies, and use that as the kernel for your privacy training.

Choose the Media

           How will you deliver the training? Will you do in-person training, develop an online module, provide reading materials or some combination of these approaches? It doesn’t have to be expensive to be effective. It also doesn’t have to be delivered all at once. Consider creating a series of email tips, providing reading materials and other self-paced resources, along with short videos you can record on any smart phone. Be creative to keep it engaging. Challenge teachers and students to create their own data privacy posters or run privacy quizzes with teachers for bragging rights. Deliver student data privacy training in different ways and at different times to keep it fresh and top of mind.

Keep it Positive

           Student data privacy laws can be challenging to digest, and the conversations around privacy and security often focus on everything that could go wrong. Deliver a balanced message by emphasizing not what can’t be done, but what can be done with student data, effectively and ethically, to support student success. Showcase how collection and use of student data connects to your school mission, and share other steps the institution takes to protect student data privacy. Be sure your teachers know why protecting student data privacy is important, why they are critical to the work, and how protecting student data can also help protect their own information. 

Share with the Community

            Once you’ve developed your training materials, don’t keep it all to yourself. Share your training with community members. Empower teachers to have more constructive conversations with parents about your use of technology and the protections that are in place for your students. 

Everyone has a role to play in protecting student data privacy, and the training you provide is critical to ensuring that your teachers are truly prepared to work in the modern classroom. As an added bonus, the more your teachers know about protecting student data privacy, the more they’ll be able to pass those lessons on to their students, empowering them for the future.

For more information about how to train teachers on properly managing student data privacy  please see Linnette’s book: Protecting Student Data Privacy: Classroom Fundamentals.

Linnette Attai

Linnette Attai

Linnette Attai is the founder of PlayWell, LLC, a global compliance consulting firm providing strategic guidance around the complex obligations governing data privacy, marketing, safety, and content. Linnette brings more than twenty-five years of experience to the work, advising on privacy and marketing regulations, developing policy, and building organizational cultures of compliance. She also serves as virtual chief privacy officer and General Data Protection Regulation (GDPR) data protection officer to a range of organizations. Linnette is a recognized expert in the youth and education sectors and speaks nationally on data privacy. She is a TEDx speaker and author of the books, Student Data Privacy: Building a School Compliance Program and Protecting Student Data Privacy: Classroom Fundamentals.