The COVID-19 pandemic resulted in academic institutions adopting new strategies such as video-conferencing tools and digital-teaching resources to enrich online learning experiences. 97% of college students say their schools had switched to online learning, however, the increased use of technology to support learning means that more personal data about students is being collected. This has brought to light issues of privacy such as what student data is being collected and how it’s being used.
This blog outlines why we have to prioritize student privacy and what academic institutions can do to alleviate such concerns.
What Is Student Data?
Student data is, in essence, any information about an individual student that’s collected and stored by colleges, universities, technology providers, and other stakeholders. It can include high-level academic and disciplinary records, age, or location. It could also be granular details—things like how long a particular student took to perform a task—gathered by apps, websites, and other online services.
Are Students Concerned About Privacy?
A study published by the National Association of Student Personnel Administrators and the think tank New America asked students if they were comfortable with colleges collecting their data. It revealed that students largely trust their institutions to keep their data safe, especially through known and branded institutional apps.
At the same time, the research also showed that many could be apprehensive about third-party tools and how they handle and manage sensitive data. That’s why it’s more important than ever that academic institutions choose reliable, secure technologies that can keep student data safe and easily blend into their existing ecosystem.
How Can Colleges and Universities Limit Privacy Issues?
A strategic and tactical approach to privacy can help academic institutions prioritize their security strategies to safeguard student data, institutional data, and resources. This requires the combined efforts of educators, administrators, and technology partners to do the following:
1. Build Awareness About the Importance of Privacy
Creating a culture of data privacy starts by integrating privacy considerations with regular activities. This can be done by providing faculty and staff with training focusing on:
- The significance of balancing innovations in learning with privacy and security responsibilities.
- The key elements necessary to complete a privacy assessment for technology in education.
- The legal obligation to complete accessibility training in order to provide reasonable accommodations that promote equity for all learners.
Building awareness about the importance of privacy and security will allow staff to protect academic, student, and personal data.
2. Create a Technology Vetting Process
Educators have their own innovative strategies for delivering their courses online such as integrating digital online tools, apps, and resources to teach their students. Each of these tools has different privacy laws regarding how data is collected, used, and shared. That’s why academic institutions need to have a rigorous process in place for vetting third-party platform providers, so they can be confident each vendor’s approach to security and safety is as stringent as their own.
To do this, colleges and universities should be asking critical questions such as:
- Is this vendor aware of and certified in best practices of what to do with the information?
- Is the entire company trained in compliance and security?
- Is the company compliant with standards like FERPA (the Family Educational Rights and Privacy Act) and GDPR (the General Data Protection Regulation 2016/679)?
When it comes to educational technology, academic institutions not only need to trust the tools they integrate to keep student data safe, but they also need to trust the company that creates and deploys the online tools.
3. Implement Policy
Colleges and universities can also safeguard student data by implementing privacy policies. For example, academic institutions can work with their learning management system (LMS) vendor to develop learning tools interoperability (LTI) processes for integrating additional online applications into the educational system.
This means that if an educator wants to include a specific learning technology—such as homework tools, grading tools, video tools, and subject-specific tools—they would have to put in a request to an administrator. If this request meets the academic institution’s and the LMS’s privacy policies, it would then be approved by the administrator and integrated into the course shell. This process helps make sure that only secure third-party resources are used.
The privacy and security of student personal data is critical to creating a protected learning environment for students. For that reason, colleges and universities need to take proactive steps to address privacy gaps in their online learning models. This begins by collaborating with technology vendors that support that concept—where you get to choose what they can and cannot do with student data.
Visit Our Privacy Center
Student privacy and online security issues aren’t new. Rather, these issues are occurring on a larger scale as academic institutions move more of their education online. As educational technology continues to develop, the questions and concerns that were raised during the pandemic will continue to be part of the conversation. That’s why we must focus on enacting security practices that not only empower students but also keep them safe throughout their learning journey.
Visit our privacy center to learn about our approach to data privacy within D2L Brightspace.