Privacy Laws in Public Schools

Privacy Laws in Public Schools

After school, students also immerse themselves in technology. Many students have their own cell phones or at least access to a home or public computer. They text each other, post on their Instagram accounts, or tag popular online games like Fortnite or Minecraft to pass the time. The coronavirus outbreak also means that much of a student`s daily life, from learning to socializing, has also migrated online. The shift to online classrooms and digital learning means concerns about student privacy and data collection are more important than ever. Here are some best practices to ensure your organization`s compliance. FERPA often gets the most attention when it comes to protecting sensitive student data, but COPPA goes further and specifically addresses data protection for children under the age of 13. Nevertheless, attitudes towards searches continue to change and additional privacy protections may be available at the national and local levels. Contact a local attorney for the most up-to-date and accurate privacy information in your area. Reading the privacy policy and terms of use of each online service provider is an important step in protecting student data. Understanding what third-party technologies are currently in use in the district and determining which operators have access to sensitive student information are also necessary steps to proactively protect student privacy. The rule defines what an operator must include in a privacy policy, what is their responsibility to protect children`s privacy and safety online, and when they must obtain verifiable consent from a parent or guardian.

The rule also imposes firm restrictions on marketing to children under the age of 13. In short, EdPrivacy is a privacy assessment and management system that simplifies and streamlines the exam process for schools. At the request of the school, operators must give parents the opportunity to view and/or delete their child`s personal data, and schools are responsible for ensuring that operators delete all personal data as soon as it is no longer needed for the intended educational purposes. In other words, the school`s ability to consent to the parent is limited to whether the service is being used for educational purposes. If the service is used for non-educational purposes, the operator must obtain verifiable consent directly from the parents. Targeted advertising, public and/or social profiles, and the sale of data are examples of non-educational purposes that require parental consent. CIPA applies to all schools and libraries that participate in the FCC`s E-Rate discount program, where they receive discounts for Internet access or internal connections. FERPA`s regulations are designed to protect privacy and include paper and computerized school records, directory information, and anonymized data. School records are any material (records, documents, etc.) that contains information directly related to a student and is managed by an educational organization or institution, or by a person acting on behalf of the organization or institution. The information contained in the directory is any information contained in the school record that is not considered harmful or invasive of privacy when disclosed. And anonymized data is where all PII has been deleted and where a reasonable determination has been made that a student is not personally identifiable.

Generally, schools must have written permission from the parent or eligible student to disclose information contained in a student`s academic records. However, FERPA allows schools to share these records without consent with the following parties or under the following conditions (34 CFR § 99.31): The FTC expects companies to publish a privacy policy that clearly describes what personal information is collected and requires an explanation of how that information may be used. The FTC also requires schools to make these notices available to parents to the public. The third major federal law to protect children is the Child Internet Protection Act of 2000 (CIPA), which deals with children`s access to obscene or harmful parts of the Internet. It requires libraries and K-12 schools to use web filters and other measures to protect children. Some states require your parents to be notified before you are tested or treated. Ask your local ACLU about your state`s laws regarding HIV testing for minors and where you can be tested anonymously. One last thing: your school or employer does not have the right to force you to be tested for HIV. You have the right to refuse an HIV test. The Ministry of Education maintains a website called “Student Privacy” with information explaining the best practices that everyone in education – from students and parents to teachers, providers and researchers – must adopt to manage student data while preserving student privacy.