The Importance Of Data Privacy

Introduction

In today's world, we constantly create information.  Whether posting something to social media, or watching our favorite Netflix show, we generate information at a high rate.  Buzz words like Big Data, Machine Learning, and Artificial Intelligence scour our landscape today.  If you shop on Amazon like I do, you are provided with countless recommendations based upon your interests, clicks, and buying history.  Much of this is what we want, there is a level of comfort knowing we can easily click and have something delivered in a couple of days. When we think about our kids, our students, and even ourselves - we need to be thoughtful of the digital footprint we are creating.  This post isn't about compliance, but in the next section I will briefly discuss it. 

Compliance

 When we talk about data privacy from a district perspective, most of the time it is aligned with compliance.  Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of personally identifiable information from student education records.  This as well as other data privacy protected initiatives such as:

• Children's Online Privacy Protection Act (COPPA) - a law created to protect the privacy of children under 13. 
• Health Insurance Portability and Accountability Act of 1996 (HIPPA) is United States legislation that provides data privacy and security provisions for safeguarding medical information. This typically involves our student health data generated by a nurse's office or schools based health center.  It isn't limited to those systems though, many times a student's allergy data is shared in the Student Information System for teachers to be aware of.
• There are others as well such as Children's Internet Protection Act, but it involves online filtering of web content.

Many states are taking initiative as far as how these cloud companies are handling cloud data:
​

Mississippi Attorney General Sues Google Over Student Privacy

Mississippi Attorney General Jim Hood, who previously battled Google over piracy allegations, is now suing the company for allegedly violating its privacy promises by collecting data about students who use its educational apps.

Personal Data - My Example

Now let's take a look at my family.  This picture, shown above, was around 4-5 years ago in Kansas.  This picture was taken as I was walking down the hallway and noticed everyone on devices, with the exception of our dog MJ.  If you notice, everyone is engaged.  Engaged with social media, the cloud, and even engaged with each other.  I do remember Emily (far left) was playing "Words With Friends" with Aiyana (just to her right).  I am sure this type of picture is common among families across the country.  We document our lives via social media on a daily basis:

• Sharing a funny video on Facebook
• Taking a picture with a filter via Instagram
• Retweeting our friends and coworkers via Twitter

Each day we are generating a ton of data.  According to GWAVA (embedded by Embedly):

(null)

(null)

With this type of exponential growth, we need to think about our digital footprint and the story that is being told.  On one side, digital citizenship is extremely important.  If your digital footprint isn't a positive one, you could lose opportunities for future careers and post secondary admittance. This outlines just the personal data that is generated by our use of technology.  Let's talk now about the business and enterprise landscape.

A Changing Enterprise Environment

Gone are the days of on-premise solutions and collaborating while you are in the office.  In today's world, we increasingly integrate our office work with our mobile devices, extending outside of our offices as well as our work day.  Businesses that have shifted to the cloud are now looking at a new landscape, the multi-cloud.  In this article below as a study done by Microsoft, "nearly a third of organizations work with four or more cloud vendors." 

Here's Why The Future Belongs To Multi-Cloud

Multi-cloud has been discussed within the cloud computing industry for a while, but challenges of interoperability and complexities have often dissuaded enterprises from large scale adoption. Times are now changing, as enterprise awareness of the cloud has increased and many are realizing that the benefits of utilizing multiple platforms heavily outweigh the challenges.

This produces several challenges.  First of all, how do we secure the data, and secondly, how do we keep data "sprawl" from happening. Below is a graphic of our current environment at Omaha Public Schools.  As you can see, it is becoming increasingly complicated. It is important to note, many solutions don't require student data outside of the typical directory information outlined in FERPA. But over time, data that is generated can be identifiable and become necessary to protect. 

As this environment becomes more complicated, we are putting things into place that will ensure the data privacy recommendations we want to enforce.  First, in a previous blog post, I outlined our creation of an App Approval Tool.  This process gives the ability to vet an app both for data privacy and security, as well as instructional use.  Secondly, we have put together a Student Data Privacy Agreement that is being implemented with each of our cloud providers and outlines our expectations for data privacy through their system. 

Student Data Protection Agreement--Robert DicksonDocs.com

Our work through these measures will continue to evolve as we adopt and create meaningful experiences through the use of technology for our students.