« Libraries and PC balance | Main | A different reading year »
Saturday
Feb062021

BFTP: 10 things teachers can do to protect student data

 

Educators, each year an increasing amount of information about your students is being communicated and stored - especially in electronic formats. You as a professional have an ethical obligation to know the laws and best practices around data privacy as it pertains to education.

Yes, I know you also have a new curriculum, five preps, two extra curricular coaching responsibilities, and a family you like to see now and again. I'll try to keep this short and practical. Here we go...

  1. Always lock your computer screen when it's not being used. A simple keyboard command will lock most computers (Windows-L on a Windows PC.) If you have problems remembering to do this, set your computer to go into sleep mode after 5 minutes of inactivity and require a password to wake it up. Oh, papers with student info on your desk can be easily viewed as well.
  2. Protect your passwords and change them now and again. I am not a huge fan of extraordinarily long or complex passwords or changing a password every two weeks, but passwords do need to changed now and again (once a semester, anyway) and passwords ought to be a combination of numbers and letters. Does anyone really need to be reminded not to write passwords on sticky notes placed on your monitor? Get and learn a password keeper program if you'd like.
  3. Be wary of educational products that create student accounts. Be very careful when using new online products that want information so they can create individual accounts for students. Your district should have a list of programs that have been vetted by the technology department for acceptable data privacy practices (COPPA compliance, at least.) Yes, explore new programs that will aid your students - just do it carefully.
  4. Store student data in the cloud. Cloud-based applications and data storage programs have a good track record for being secure. Please use GSuite or other online storage environments your district may provide. Cloud-based student information systems and learning management programs are pretty secure. Please don't keep student data on the hard drive of your laptop and leave your laptop where it could be stolen. Or on a flash or other type of portable drive. 
  5. Don't post printouts with  private data in your classroom and be cautious about what you put online. Guess what - kids know each other's student ID numbers so if you associate test scores or overdue books or grades with ID numbers instead of names, you are not really honoring student privacy. This regardless of whether the data is on a webpage or a paper printout.
  6. Be cautious when posting photos of your students to the web or social media. Most districts have parents who have requested that student information, including photos, not be share in the public media. You need to know which kids' faces in your class can't grace your website, newsletter, or Facebook page.
  7. Only use trusted wifi connections when working with student data. I don't check my bank account from any "free" wifi services in coffee shops, airports, hotels, etc. And you shouldn't be doing school work that involves student data using those networks either. Please use our secure network here at school rather than the public wifi as well.
  8. Understand the concept of spear phishing and double-check odd data requests. Get any strange requests from a colleague or administrator asking for data? Please double-check that these are legitimate. Spoofing the email address of an authority to send emails requesting data aka spear phishing is a too common practice that has caught a lot of people. Don't be a sucker (pun intended).
  9. Know your district and state's data privacy laws and policies. You don't have to read the laws (FERPA, COPPA, PPRA plus state laws and district board policies) but you better know the gist of them. Do you know what is considered PII - Personally Identifiable Information - in your district?
  10. Help your students understand what they can do to protect their own privacy. Sharing passwords is a common practice among younger students (and probably a few older ones). Every teacher should be addressing Digital Citizenship in her/his classes and protection of and respect for the privacy of others is a critical part of these instructional efforts.

A good resource to learn more about how you as a teacher can help safeguard your students' personal data is ConnectSafely's The Educator's Guide to Student Data Privacy. Put it at the top of your professional reading list.

Oh, we've come a lond way as eductors getting privacy savvy. In the mid 2000's I remember visiting a teacher in an elementary classroom who had asked me to troubleshoot something on her computer. When I asked her to log-in, she called a student over and had him to it since, she said, she could never remember her own passwords.

Original post 8/10/18

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>