As part of our ongoing commitment to advancing the protection of student data, we are talking with leading vendors and educational organizations to learn more about the ways they use and safeguard student data.  We’ll share what we hear in this series.

Lenny Schad, Chief Technology Information Officer (CTIO) for Houston Independent School District (HISD), is an outspoken advocate for creating a rich data-driven learning environment in every classroom – what the district refers to as “tier 1 instruction” – and for the role technology can play in helping classroom educators achieve that impact.

Over the last three years, he’s been leading the effort to help HISD implement a robust, secure technology infrastructure and foster new, tech- and data-savvy teaching practices.  An integral part of using technology to enhance classroom practice is to gain control over student privacy protection. “This is an issue that must be addressed and it requires a multi-pronged approach and cross-functional teams,” advises Schad.   “The CIO must be hands on and has to take on the role of linking with other departments across the district, like curriculum and assessment.” This approach can ensure that all parts of the organization are fully invested in improving daily privacy practices district-wide.

The challenge becomes one of enhancing teachers’ ability to use new tools effectively and employing student data privacy protections. What can district leaders do? Schad shared five essential best practices for district leaders to adopt.

  1. Build awareness among educators

Educators are already sensitized to the need to protect details about their students’ lives and learning.  However,  new education technologies and apps create new and sometimes unexpected privacy issues around student data.  A fourth grade teacher who signs students up for a new reading application may not even realize that student data is vulnerable.  The ways that applications handle student data is often not clear or obvious to teachers.  Laying the groundwork for teachers to understand the real implications of ‘clicking yes’ should be the starting point. “You have to tell people ‘why’ first, then move to ‘how,” Schad advises.

  1. Strengthen technical solutions by consolidating and securing resources

HISD is currently rolling out a district-wide resource called the ‘Hub’ — a technical platform that consolidates multiple resources in one place for teachers. This ‘one-stop shop’ gives educators easy, secure access to a range of data and tools like student assessment information, digital content for lessons and lesson planning functionality. This kind of consolidation requires the use of technical standards and security mechanisms to make access simple and elegant. A single, secure log-in makes it possible to monitor and control access and ensure the right people get the right information. The closed, internal ‘ecosystem’ of applications keeps data in district control and access and sharing of information strictly monitored. HISD relies on technical content standards published by IMS Global Learning Consortium to ensure that material can be easily and securely accessed and used, regardless of which outside organization is providing it.  

  1. Strengthen educators’ role in the student data security chain through formal training and resources

Once educators understand the “why” (new vulnerabilities) and  new IT controls have been put in place, educators should be trained in the “how” of student data protection.  Professional development and formalized efforts to build awareness are two strategies HISD uses to deputize teachers and administrators. These efforts focus heavily on the need to thoroughly evaluate online tools and resources and their privacy policies prior to use in the classroom.

  1. Enlist vendors as data protection partners

The vendor community has a major role to play in supporting districts’ ongoing efforts to protect data To make it easy for all vendors to put privacy protection first, HISD and several other districts have been working to develop a new rating rubric specific to student online safety, privacy, and security.  The rubric will be released to education vendors later this summer to give them a jumpstart in assessing — and improving — their products.  In parallel, educators can use the rubric to evaluate apps and tools they want for their students.

  1. Get started now and keep going

With the rapid rise of new education technologies and applications, the need for more robust student data privacy protocols is a reality that most districts need to address  as soon as possible. While it can seem difficult to get started, resources are available from organizations like the Future of Privacy Forum, Common Sense Media, and Consortium on School Networking (CoSN).

The new student data privacy frontier requires that almost everyone involved in schools must think differently about how they do their job – from the IT and procurement departments and vendors to classroom teachers to the superintendent and board members. “It’s tempting to assume that IT can provide an easy, once-and-done answer,” says Schad. “But student data privacy is not a project with a beginning and an end. Everyone has a role and they need to know how to play it well.”