How does the Family Educational Rights and Privacy Act affect cloud data, and when can IT leaders be held liable? Here’s what districts should know about these laws in today’s education landscape.
This article was originally published in EdTech Magazine on 4/28/22To effectively address student data privacy, K–12 IT leaders need to understand the legal requirements. As districts shift operations to the cloud — and with bad actors increasingly targeting schools — IT teams need to ensure they are meeting both the letter and the spirit of the law.
The main federal statute guiding student data privacy is FERPA, which stands for the Family Educational Rights and Privacy Act. “It requires that schools protect the privacy of education records and give parents access to them,” says LeRoy Rooker, senior fellow at the American Association of Collegiate Registrars and Admissions Officers.
FERPA protects student privacy by “defining what information schools can collect, maintain, and disclose with and without a student’s or their parents’ or guardians’ consent,” says Charlie Sander, CEO of ManagedMethods, a cloud security and safety platform built specifically for K–12 district technology teams.
“We’ve seen students gain access to their peers’ information and use that to bully them. We’ve seen criminals use parents’ information to try to extort ransom payments from the district. And we’ve seen them sell student information to identity thieves on the dark web. These incidents have real consequences to the long-term health and well-being of our students.”
– Charlie Sander, CEO, ManagedMethods
READ THE FULL ORIGINAL ARTICLE >>
by Adam Stone, EdTech Magazine