Sandy Keeter is a Professor in the Information Technology Department at Seminole State College in Florida.
The U.S. Department of Education is committed to protecting student privacy by enforcing laws such as the Family Educational Rights and Privacy Act (FERPA) that give students control over their educational records. Schools, faculty, and staff are required to comply with student data privacy and online safety regulations.
Protecting any data or identifiable information is imperative for student safety and security reasons. Student data consists of “Personally Identifiable Information” (PII) which includes name, birth date, phone, address, student ID, demographics, and login credentials. A breach of this data can have long term effects on students and their families.
Tech Tool Risks
As new technology tools and applications appear, the possibilities for educators and students to collaborate, create, and share ideas are endless. When schools use these tools, the companies that provide them as well as educators can collect student data. We must keep in mind how important it is to protect student privacy as well as to help them learn. Teachers should be aware of FERPA and state laws, along with school policies regarding the use of educational products and services.
Personal computers, mobile devices, apps, websites, programs, and online services are used in ways that cause new data to be generated about students that may have never existed before. Third party vendors can collect student communications, along with metadata of their online behavior while using an app. Teachers are ethically obligated to follow, model, and teach good digital citizenship practices. This includes thinking carefully about the digital products and processes they incorporate into any lesson.
We live in a period of digital learning, Internet of Things (IoT), and cybercrime. As instructors, we are trying new teaching methods and technologies so we must always think about how they affect the safety, security, and privacy of our students. With the use of new online tools, teachers must take the necessary steps to ensure students’ personal information is secure and teach them skills to protect themselves.
Faculty Safeguards for Protecting Student Privacy
Faculty have access to substantial amounts of sensitive student data and play an important role in protecting students by keeping their data safe and sound. Following a few best practices will ensure the safety of your students and institution.
- Review the data privacy policies of the tools or applications you use to be sure they meet your needs and have college approval and support.
- Encrypt sensitive information in an email or on voice mail since there is no control over who may access it.
- Store data securely for whatever time is necessary to do the job at hand.
- Delete your “Downloads” folder contents regularly and don’t leave student data lying around.
- Do not give access to or publicly discuss student records with others unless they have a “Legitimate Educational Need to know.”
- When conducting a training, use demo or fake student data when creating handouts and/or presentations. If live data is essential, simply blur the sensitive information.
- Password-protect computers and learning sites; lock or log out when not in use.
- Educate students on safe internet practices and technology use.
Student Privacy Tips for Zoom
FERPA protects any class meetings held in Zoom that include course content or student information. Keep in mind that students should have the choice of turning on video or not as their right to privacy. If teachers are recording class sessions or meetings, the steps below should be followed to protect student privacy:
- Include syllabus language about the purpose of Zoom recordings and the protection of student information so students are aware that you will be recording class meetings ahead of time.
- Don’t share recordings that include student information with anyone not enrolled in your course.
- Consider recording an asynchronous lecture to share with all class sections.
- If you plan to share a recording beyond your course, make sure student video is not visible, student microphones are muted, and chat is hidden.
- Allow students to turn off their camera and microphone and participate via chat if they prefer.
- Although you cannot stop students from using local or personal technology to record a meeting, you can disable cloud recording settings if necessary.
- Password-protect Zoom meetings and watch out for inappropriate screen shares and Zoom bombing.
Institutional Protection of Student Data
Technology makes accessing student data relatively easy, so it needs to be maintained in a secure and confidential manner. Colleges should consider these tips when protecting student data:
- Monitor activity on college networks
- Train employees and provide support
- Reduce the amount of information collected
- Purge unnecessary student information
- Provide the minimal level of access necessary
- Encrypt/protect electronic and paper data
- Publicly post policies, procedures, and notification protocols
Educating Students on Privacy
The more our students do online, the greater their risk of becoming victims of cybercrime, which can include fraud, identity theft, stalking, bullying, email scams, spoofing, and phishing. Students must learn of these risks and how to protect themselves and their devices. Teach students how to protect their privacy with the tips below:
- Keep mobile devices and apps updated
- Don’t click random links or visit unknown websites
- Delete or report suspicious emails to avoid granting access to accounts
- Update and secure all home devices connected to the internet
- Use strong passwords, two-factor authentication, and confirm privacy settings
- Practice safe social media use; be careful not to post personal/sensitive information
- Avoid free Wi-Fi networks to prevent compromising sensitive information
- Secure home Wi-Fi networks and digital devices by changing the factory password
- Optimize operating system, browser, and security software by installing recommended updates
Student Privacy Is Imperative
Privacy is a fundamental human right and establishes boundaries to limit access to our personal information. Understanding the importance of protecting student data is essential to surviving in education. Overly preparing for any situation or breach is the best method for protecting data from getting in the wrong hands. Federal and state laws regulate the privacy of student PII and there are legal and ethical limitations on the collection, use, sharing, and handling of this information. It is our duty and moral obligation to follow and enforce these policies and procedures and our students are putting their trust in us to do so.
Learn more about student privacy by watching the webinar Tech Ethics & Online Teaching by David Ryan Polgar, founder of All Tech is Human and member of TikTok’s Content Advisory Council.