Student data privacy in schools
Learn what teachers and administrators need to know about protecting student privacy. Adobe discusses student data privacy, FERPA, & more.
Today’s classrooms generate vastly more student data than we could have imagined a few decades ago. A digital ecosystem of apps, websites and devices enable teachers to share instructions and resource links, track students’ progress through assignments, collaborate on drafts, and assign grades in real time.
This universe of digital data provides educators with unprecedented insight into each student’s thought process, empowering them to provide personalized guidance exactly when it’s needed most. But at the same time, the sheer volume of this information requires it to be stored on third-party cloud services — raising new questions around privacy and security.
How can school administrators make sure their students’ data remains private? The first step is to clearly define what the word “privacy” means in this context.
What is student data privacy?
Student data is considered private when it’s secured from access by unauthorized parties. In particular, strict regulations govern the use, collection, storage and handling of students’ personally identifiable information (PII), which includes all info that could be used to identify, locate or contact that student — such as their full name, address or social security number. Schools and digital platforms are also restricted from sharing students’ academic, health, and disciplinary records with any third party who’s not authorized to access them.
Back when student records were kept in locked filing cabinets and on password-protected computers, this type of security was fairly straightforward: admin staff could simply refuse to share students’ private info with anyone who wasn’t supposed to see it. Today, however, cloud-based Student Information Systems (SISs) have made student data privacy a far more complex issue. While these digital systems have greatly streamlined the collection and management of student data, vendors aren’t always transparent about how they store that data, or who’s able to access it.
At the classroom level, meanwhile, educators face similar concerns around Learning Management Systems (LMSs). These flexible platforms enable teachers to share assignments digitally, observe students’ progress through each step of the work, and even collaborate in real time to guide students through challenging spots. They’re also helpful for record keeping, organizing thousands of assignments and grades into a single searchable database. As a result, LMS vendors end up with an enormous amount of student information — and it’s not always clear how they protect that data.
Why is student data privacy important?
On an ethical level, student data privacy is crucial because it’s every educator’s responsibility to keep their students safe. Privacy is also highly important from a legal perspective: schools can lose federal funding, or even be shut down permanently, if they fail to safeguard students’ personal information. And while enforcement of these laws has historically been hit-or-miss, the complexities of today’s digital landscape are bringing schools under much closer scrutiny.
Since 1974, all schools that receive funds from the U.S. Department of Education have been subject to the Family Educational Rights and Privacy Act (FERPA). This legislation prevents schools from disclosing a student’s personal information without written permission from that student’s parents. If a school fails to comply with FERPA, they’re subject to losing their government funding — and that applies not only to student data stored on school computers, but also to information collected by third-party systems the school uses.
The Protection of Pupil Rights Amendment (PPRA), signed into law in 1978, expands on FERPA’s restrictions. This amendment allows parents to deny permission for a student to participate in any “survey, analysis, or evaluation” that collects personal information. Since most remote learning systems include surveys, analyses and evaluations, it’s tricky to know how to interpret the PPRA’s language in the context of a digital classroom — but the 1998 Children’s Online Privacy Protection Act (COPPA) makes it clear that no commercial website, app or platform can collect personal information about a minor without verified parental consent.
How does Adobe help protect student data?
At Adobe, your security is our priority. We fully recognize that handling students’ personal data is a tremendous responsibility — so we regularly review all our products and systems, keeping them up to date with best practices in digital privacy, as well as the latest regulations covering educational institutions.
Solutions like Adobe Acrobat and Adobe Sign, which are backed by this promise, provide the most stringent levels of security for handling student data and ensuring compliance with the complex regulatory requirements of the education space. What’s more, Adobe Sign is an excellent solution for supporting data privacy and compliance needs, by managing access, authentication, and user identities, certifying document integrity, verifying e-signatures, maintaining audit trails, and more.
What’s more, we make it a priority to be transparent about how we handle your data. Visit the AdobeTrust Center to find out more about how we collect, store, handle and use the information our tools collect. And we’re always here to answer questions or concerns you may have around data privacy. Feel free to reach out any time.
In the longer view, our mission is to guide you on the next steps of your digital transformation journey. That’s why we’ve created the Adobe for Academics website, and our Education Resource Hub, to help your school leverage digital data to optimize the day-to-day experiences of students, parents and staff — both in the classroom, and beyond.