Washington, D.C., and the MLB All-Star game were the backdrop for the inaugural CoSN Student Data Privacy Workshop. 35 CTOs, CIOs, and Superintendents from as far away as Texas gathered to collaborate on this important topic. The framework of this event was the CoSN Trusted Learning Environment (TLE) Seal Program. This seal program is the “nation’s only data privacy seal for school systems” that recognizes school districts’ commitment to high standards around student data privacy. The workshop was presided over by Linnette Attai, CoSN Project Director, President of Playwell, LLC, and author of Student Data Privacy: Building a School Compliance Program focused on four of the five TLE core practice areas: Leadership, Data Security, Business Practices, and Professional Development and Classroom.
Champions was the term most used during this session. During both the leadership failfest and the discussion panel by four TLE seal leaders, it was emphasized that it is critical to have leadership champions. By getting district and building leadership involved, decisions around student data policies will be value-driven, not fear-driven.
The tabletop exercises around data security were educational for many at this workshop. Linnette energized us into action when attendees were walked thru a comprehensive incident response plan model that included response team identification, detection and analysis of the situation, containment, remediation, communication, and post-mortem.https://2b33be029767acfd1fea615174589119.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html.
This third core element ignited much discussion around the building and implementation of third-party vetting processes. The group’s consensus was that it is important to look at what other schools are doing, get into a dialog with third-party vendors around a district data privacy agreement, and recognize the risk management around vetting possible third-party applications program adoptions in your district.
This share session focused on creative ways to approach professional development within our districts. It was a lively discussion ranging from posters around the school to phishing tests to weekly tips for faculty in creative locations. We all agreed that student data privacy is a mindset and cultural change that will take time. If we can make connections for parents and teachers about how this could impact their personal lives, we can make those critical changes that will protect our students. Educating teachers then helps inform their classroom practices and then educate students and parents on these important issues.
This CoSN workshop modeled engaging in the process by having all participants complete a CoSN TLE Practice Self-Evaluation. This self-evaluation had the group taking a hard look at strengths and areas of concern around data privacy policies in our own districts. The workshop ended with a reflection activity that resulted in a data privacy action that participants could build upon in our own districts.
Data privacy is not an IT problem; it is a people problem. As Keith Krueger, CoSN CEO, stated in his welcome letter, we need “to reframe the conversation around privacy of student data, and the key is to move from privacy to trust with our parents, community and policymakers.”