Many schools have seen an explosion in the number of applications that teachers use with students in classrooms. Although digital tools can enhance learning, the expansion in technology has resulted in an increased number of cyber-attacks and privacy breaches.
Transparency and consent are fundamental principles in protecting student privacy
EdTech providers should clearly communicate their privacy policies and data collection practices to educational institutions, teachers, parents, and students. Obtaining consent from parents or legal guardians is crucial, particularly when dealing with personal information.
Best practices to safeguard student data:
1. Minimise Data Collection and Retention
EdTech tools should collect only the minimum amount of data necessary for the intended educational purposes while data retention should be kept to a minimum, and any unnecessary data should be promptly and securely deleted to reduce the risk of unauthorised access or misuse. It is important to remember that there are internal factors that can put student data privacy in jeopardy such as wrongly profiling a student based on their current gender, activities, or interests.
2. Create a process for vetting apps
New EdTech tools enter the market every day. In the 2022-23 school year, K-12 accessed an average of 2,591 education technology (EdTech) tools in the United States. This is a significant increase from the 2016-17 school year, when only 300 EdTech tools were accessed per school district, according to Statista.
Schools need an efficient process for reviewing apps they think are connected to the school’s web domain and this includes, monitoring apps used by:
- Students
- Teaching staff
- Curriculum staff
- Business departments
- Possibly your superintendent and/or a school board member
3. Know your vendors’ terms of use and privacy policies
Whether it’s a free or a paid app, it is important to understand the vendor’s terms of use and privacy policies. Many new vendors have recently entered the EdTech market. Many schools may not be aware of the unique data use and compliance requirements that are standard in K-12 and or working with student’s information.
4. Adopt Secure Authentication and Access Controls
EdTech tools should implement secure authentication mechanisms, such as strong passwords or multi-factor authentication, to ensure that only authorised individuals have access to student data. User roles and permissions should be clearly defined, granting appropriate access levels based on the need-to-know principle.
Regular audits of user accounts and access logs should be conducted to identify and address any potential security breaches or suspicious activities. Security audits and vulnerability assessments should be conducted to identify and address any potential risks or vulnerabilities.
5. Educate Users on Data Privacy
Educational institutions, teachers, and students themselves should be educated about data privacy and security best practices. This includes raising awareness about potential risks, teaching students about responsible online behavior, and providing training on how to use EdTech tools safely. By prioritising data privacy, we can harness the benefits of EdTech tools while safeguarding the sensitive information of our students.
To further support educational institutions in enhancing data security, companies like Authing and BSD Education offer invaluable resources and solutions:
- Authing is a cloud service provider that focuses on identity authentication and access management. Their products and services include identity authentication, single sign-on, multi-factor authentication, user management, and permission management. Authing’s solutions help businesses and educational institutions achieve unified authentication and access control in applications and systems, thereby improving security and convenience. By enhancing data security, reducing management costs, and improving user experience, Authing ensures a secure and efficient identity authentication system.
- BSD Education empowers educators with tools to start, improve, and scale coding, technology education, and entrepreneurship programs. With over 600 hours of fully resourced curricula and instructional support, BSD Education enables educators to get started with just 90 minutes of familiarization. Their foundational pedagogy, along with evidence-based practices for curriculum design, prepares students for future challenges where artificial intelligence, augmented reality, and data privacy are critical. BSD Education embeds computational thinking, design thinking, coding/programming, and digital citizenship into their curriculum, ensuring students are equipped with career-ready skills for the digital economy.
- By leveraging these resources, educational institutions can enhance their data security practices and ensure that student information is protected, allowing them to focus on delivering high-quality education.
