New partnership offers school districts resources, camaraderie in bolstering student data privacy practices
The K-12 tech group Consortium for School Networking this month launched a new partnership for school districts that want to bolster their student data privacy practices, and several school districts — including in Indiana and South Carolina — have committed to the practice.
CoSN’s Trusted Learning Environment State Partnership Program, which launched on Nov. 7, builds on the organization’s Trusted Learning Environment State Subscription Plan that has been operational for six years. It offers school districts a seal of achievement to display if they complete all practice area requirements.
The unique seal can be earned for not only their privacy maturity, but their “commitment to ongoing improvement in their student data privacy program,” according to the program’s director.
Linnette Attai, project director at CoSN for student data privacy initiatives, oversees the TLE State Partnership Program. She told StateScoop the new program assesses the maturity of school districts’ privacy practices against 25 requirements across five practice areas: leadership, business practices, data security, professional development and classroom practices. From the assessment, CoSN provides districts comparisons of these results to the aggregated results of TLE Seal recipients. CoSN offers resources that are ready-made for its districts, providing guidance to improve their top three areas of weakness.
Privacy’s pulse
Attai said that to earn the privacy seal, districts must show how they meet these requirements and plan to adapt to new or evolving privacy requirements. She added that a larger umbrella TLE program normally takes about two years to complete, but the components that designate districts with a privacy seal requires renewal every two years.
The offerings, she said, were crafted with feedback from districts that needed help with sorting through the myriad state privacy laws.
“We have 135 or more state student data privacy laws in this country, all designed to help ensure that districts and third party technology providers are really protecting student data — but how do we know if that’s working, if this is improving practice?” Attai said. “So that’s really the impetus for developing this program, is a way to help make it more apparent to the state education agencies what was going on in their districts with respect to privacy practices.”
Along with offering feedback and guidance for districts on how to improve, there’s also a network of school districts and education departments looking to learn from others and share best practices. In South Carolina, district leaders said the initiative kicked off their involvement with TLE in March but officially launched over the summer. It includes seven pilot districts.
Following the pandemic, which saw an increase of remote work and virtual needs — and a corresponding uptick in cybersecurity threats such as ransomware across the education sector — Blondell Brown, an IT security specialist and analyst with the South Carolina Department of Education, said a top priority for the department is supporting districts as they make cultural changes more oriented towards data privacy and security.
Brown said this change has been overwhelming to districts, but the program helps them take the changes step-by-step.
“For this particular program, it’s just really the overall framework, but we’re most excited about getting the templates and starting to put policies into place,” Brown said. “This CoSN program will allow us to just not throw a ton of information at the district and just make it hard for them to gather it all — we’re able to break it down into their needs so they can focus on the TLE, can focus on each practice and allow them to work towards bettering each practice within their program, so they can look at they take the assessment, they look at their strength and their weaknesses, and build on those, build up those weaknesses.”
‘Pretty rigorous’
Another early adopter of the program is the Indiana Department of Education. Pete Just, a former school district chief technology officer and current executive director of Indiana’s Chief Technology Officer Council, serves on CoSN’s board. He said in working with school districts on implementing the TLE program, and now leading the privacy program for nine districts, the collaborative aspect will help more districts to achieve the TLE designation.
“We’ve had a number of school districts that have wanted to try to pursue this. But to be honest, it’s pretty rigorous. So just like when we were in college, if you had a hard class with a lot of memorization or a lot of work, it was always helpful to have a group or cohort that you could work with,” Just said.
He added that the three Indiana districts that have received the TLE seal already, are all “high-income districts with a lot of lawyers, doctors and people that might have time to look at data practices.” He added that this new program will allow more districts to gain the seal regardless of how well-resourced they are.
For Attai, the biggest part of the program’s impact is not just the collaboration among school districts, but within them as well. She said it helps to increase the awareness of privacy across a school district’s many parts — all of which, have to pitch in to make the privacy program a success.
“It really helps to, in many ways, break down some of the silos and brings an organization-wide approach to privacy, because the technology leader no one can implement a privacy program on their own,” Attai said. “Employees need to cooperate and in districts, because functions are often very siloed, this program really helps to expose how the different silos have a role to play in protecting student data privacy, and requires then the teams be coming together to work collaboratively on it.”
