During the throes of the COVID-19 pandemic, many school districts were quick to send devices home with students and to provide digital resources that may have been engaging, but may not have been as “data safe” as districts thought. Recent articles emerged as a result of remote learning, including:
While these articles may seem alarming, I [Diane Doersch] feel they do not acknowledge that most school districts, under non-pandemic circumstances, most likely do have a digital resource vetting process.
When I served as Chief Technology and Information Officer for a large Wisconsin school district, it was my responsibility to ensure that the digital resources (apps, extensions, systems, digital textbooks, etc.) students were using in our school district were keeping student data safe. As I read the articles above, and many others, I realize that there appears to be a lack of clarity and understanding around the process school districts use to review digital resources.
A thorough software vetting process under non-pandemic circumstances likely begins with technology and legal departments receiving validation from the curriculum department that the resources are, indeed, good for learning; that is the No. 1 consideration when using and purchasing a digital solution. Next, a technical review ensures that the resource is interoperable, meaning that required data can flow safely and seamlessly from one system to the next. An example would be a learning management system (LMS) that is connected to the student information system (SIS) for real-time student rostering. That connection enables new students in a course to receive access to the LMS immediately, without having to wait for somebody to provide access to the materials. Finally, a non-disclosure agreement is established between the school district and the provider of the digital resource. This agreement is a promise by the provider that they will be good stewards and caretakers of student data. I applaud school districts such as Los Angeles Unified School District who post their procurement requirements to which the solution providers must adhere. Here is an example of New York City Department of Education’s student data privacy requirements. Many school districts require signed non-disclosure agreements from the digital resource provider before a purchase of their product is made.
The U.S. Department of Education’s Privacy Technical Assistance Center (PTAC) has created a list of model Terms of Service that should be included in non-disclosure agreements. Understanding the terms and conditions involved in this set of agreements can be helpful for all those who are part of the educational process:
We have summarized some of the Privacy Technical Assistance Center’s model Terms of Service components below to help you understand what to look for in Privacy Policies and Terms of Service:
After the non-disclosure agreement is signed and the resource is purchased by the school district, the resource can be named as a district resource. In some states school districts are required to disclose to parents or guardians the titles of all the digital resources students use. It is a best practice by school districts to have the parents “opt in” or give consent for their child to use those resources.
Transparency in all resources used, including digital, is an expectation of our community. It is essential that our school districts continue to do their due diligence in the resource vetting process, making sure that it has instructional value and that it keeps our students’ data safe.