2/3/2015 DATA GOVERNANCE AND FERPA FOUR THINGS YOU CAN DO RIGHT NOW

Transcription

1 DATA GOVERNANCE AND FERPA Data Governance Data Procedures and Professional Development MOUs, MOAs, and Contracts FERPA Q&A FOUR THINGS YOU CAN DO RIGHT NOW Communicate the Value of Data Improve Privacy, Security, and Communications Polices and Practices Establish Data Governance Build Capacity and a Culture of Responsibility 1

2 COMMUNICATION IS KEY Start with the Value of Data Used for meaningful change for instruction Communicate to Parents and the Public Transparent Information on your website Greater awareness around data access and use are driving conversations about purpose and privacy. POLICIES & PROCEDURES School Board Policy for Data Governance and Use Physical Security Controls and Possible Sanctions (Employee Policies and Permissions, Student AUP, etc.) Data Quality Controls and Professional Development Data Exchange and Reporting (Contracts, MOUs, MOAs, Non-Disclosure Agreements, etc. should include FERPA, Data Destruction, and Data Physical Security INOW WINTER RELEASE Example: Pop-up window that has to be acknowledged by a user logging into the INow system. By logging into INOW, I agree to abide by all local, state, and federal rules, policies and laws regarding data privacy/governance. This includes, but is not limited to the Family Educational Rights and Privacy Act (FERPA). I understand that I may not access INOW using any other person s login credentials or give my login in credentials to any other person. Further, I will protect the data contained in INOW by never leaving my device unattended and by not allowing unauthorized persons to view confidential information while I am logged into INOW. Further, I will ensure that any confidential information that I export from INOW is always stored and transmitted in a secure manner. I understand that if I violate this agreement I may be subject to disciplinary actions up to and including termination as well as any applicable legal charges. 2

3 ESTABLISH DATA GOVERNANCE What is Data Governance? An organizational approach to data and information management that is formalized as a set of policies and procedures that encompass the full life cycle of data, from acquisition to use to disposal. CREATE A DATA GOVERNANCE COMMITTEE Superintendent Data Manager Legal Counsel School Leaders Chief Financial Officer Data System Administrator Data Owners Data Stewards Technology Coordinator BUILD CAPACITY AND A CULTURE OF RESPONSIBILITY Appoint a Data Manager Communicate and Train on Policy and Procedures Everyone has a job to do Support Data Use and Protect Privacy 3

4 PROCEDURES AND PROFESSIONAL DEVELOPMENT PD on Data Governance and Policies/Procedures PD on Data Quality Changes in Data Collection (Procedures) Plan for Implementation Professional Development (Hands-on, Manuals, Short Videos, Memorandum) KNOW YOUR LAWS The Family Education Rights and Privacy Act (FERPA) Children s Online Privacy Protection Act (COPPA) Children s Internet Protection Act (CIPA) Health Insurance Portability and Accountability Act (HIPAA) Payment Card Industry Data Security Standard (PCI DSS) REAL WORLD EXAMPLE Change in collection of Race/Ethnicity Overview to Superintendents October 2014 Official memorandum to Superintendents January s to Technology Coordinators and Data Managers Included in as many conference presentations to various groups as possible Changed in Data Code Manual with inow Winter Release Videos will be available for LEA and school use 4

5 LEA FOCUS - CALIFORNIA ENACTS STUDENT DATA PROTECTION LAW Prohibition of data use at LEA level by third parties vendors, not collection and governance. Contracts, MOUs, and MOAs Prohibits online education service operators from selling student data, using student data to target advertising or from amassing a profile on students for non-educational purposes. CONTRACTS, MEMORANDUM OF UNDERSTANDING, AND MEMORANDUM OF AGREEMENTS Should; Review all local Contracts, MOAs and MOUs Are there verbal agreements in place that should be formalized? Ensure your legal counsel signs off on all agreements FERPA, COPPA, CIPPA, etc language CONTRACTS, MEMORANDUM OF UNDERSTANDING, AND MEMORANDUM OF AGREEMENTS (CONT) Should include; A begin date Duration Termination language Is data being exchanged? Data destruction FERPA, COPPA, CIPPA, etc language 5

6 Where can Superintendents, Data Managers, and Technology Coordinators get all of this information and more? Login Information: Username and password that you use for Education Directory login Sample polices, procedures, contracts, MOUs, and other resources FERPA OVERVIEW HOW DO I CODE IN INOW WHEN A STUDENT HAS TWO DIFFERENT RACES MARKED? INOW WILL NOT LET ME MARK MORE THAN ONE RACE FIELD. A. Choose the first race they marked. B. Choose the option Two or more races. C. Leave the race field blank. 6

7 THE TOP 10 IT ISSUES IN HIGHER ED FOR Hiring and retaining qualified staff, and updating the knowledge and skills of existing technology staff. 2. Optimizing the use of technology in teaching and learning in collaboration with academic leadership, including understanding the appropriate level of technology to use. 3. Developing IT funding models that sustain core services, support innovation and facilitate growth. 4. Improving student outcomes through an institutional approach that strategically leverages technology. 5. Demonstrating the business value of IT and how IT can help the institution achieve its goals. THE TOP 10 IT ISSUES IN HIGHER ED FOR Increasing the IT organization's capacity for managing change, despite differing community needs, priorities and abilities. 7. Providing user support in the new normal -- an environment rich with mobile, online education, cloud and BYOD. 8. Developing security policies for mobile, cloud and digital resources that work for most of the institutional community. 9. Developing an enterprise IT architecture that can respond to changing conditions and new opportunities. 10. Balancing agility, openness and security. CONTACT INFORMATION Scott Crews Coordinator, Networking and Operations Melinda Maddox, Ed.D. Assistant State Superintendent of Education Research, Information, and Data Services (cell) Juliana Dean Associate General Counsel