Cybersecurity & Online Safety
How can you keep your students' information safe?
Legislation on Student Privacy -- What you need to know
FERPA - Family Educational Right and Privacy Act
FERPA mandates certain privacy rights regarding education data for students and their parents. The law states that parents have the right to access their children’s education records. It also forbids the sharing of that data without a parent’s written permission. When eligible students turn 18 or graduate high school, these rights pass to them.
Source: What is FERPA
COPPA - Children's Online Privacy Protection Act
COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
CIPA -- Children's Internet Protection Act
Source: Children's Internet Protection Act (CIPA) | Federal Communications Commission (fcc.gov)
OK, so how can I protect my students' personal information?
Only use online programs that are COPPA and FERPA compliant.
- Certain information ought to be included in a website's privacy policy. Similarly, parental consent must be sought when collecting certain information from under-13 users.
- Look carefully at the privacy policies of the programs you use or only use programs that have been approved by your school district.
- Do not use any websites that require you or your students to enter personal information.
HERE'S AN EXAMPLE OF A COMPANY'S PRIVACY POLICY REGARDING COMPLIANCE:
Do not share students' personal identifiable information with any unapproved web service.
- Student's name
- Student's email address
- Student's identification or SSN number
- Student's date of birth
- Student's address
- Student's family info (parents' or siblings' names)
Protect your school passwords
- DO NOT share your password with anyone. No reputable company will EVER ask for your password.
- DO NOT write your passwords on a post-it note by your computer or "hidden" under your keyboard.
- DO NOT stay signed into your school accounts while away from your computer.
- DO NOT casually browse the web or check personal email from a computer or server that is used for collecting and managing student data, such Skyward, financial, or cafeteria programs
- DO NOT use passwords based on “password” or the names of the seasons, months, family members, pets, or sports teams. Everyone uses them so they are VERY predictable and the first ones a hacker will try
- Use long AND memorable passwords or passPHRASES like “4sCORE&5evnYrs” (four score and seven years) which is easy to remember, but cannot be easily guessed
Avoid accidental sharing of student information
- DO NOT send or forward emails or documents without first checking for student data. Once sent, that email and everything in it is YOUR responsibility, even if you are just forwarding it along.
- Before taking a screenshot to send to someone else, make sure no student information is visible on the screen. If you must take a screenshot with personal information, use photo editing tools to either blur or cover the personal information.
- Be aware of any student data that may be shown in video tutorials sent to others.