NEWS

Delaware moves to protect student data

Matthew Albright

The News Journal

Delaware and other states are working to make sure the information they keep about students is kept safe and private as computers become more prominent in classrooms – and educators lean more on scores and data in teaching.

Schools keep a wealth of information about students, including health records, grades, family income level, test scores, housing information, phone numbers and Social Security numbers. Delaware Parent Teacher Association President Teri Hodges says parents need to feel confident their kids’ data is safe.

“With the advances in technology, there’s more and more data, and the concern is that more and more people might have access to that data,” Hodges said. “We tell all our kids about Internet safety, and we need to be taking that same attitude when it comes to our students’ data.”

Lending urgency to these concerns are recent high-profile hacks of both major international corporations, like Sony and Target, and federal government bureaucracies. A breach of the federal Office of Personnel Management in June potentially exposed sensitive information about more than 20 million people.

Gov. Jack Markell on Friday signed the Student Data Privacy Protection Act, designed to make sure private information collected in schools stays that way. The law directs the Department of Education to write more detailed rules for how students’ data is kept, who has access and how the information can be used. It also tasks the department with creating a detailed procedure for investigating and reporting potential breaches of privacy, including a way for parents to file complaints.

The law also makes it illegal for companies that contract with school systems to use information to target advertising to students, while stiffening rules for how those companies maintain that information.

The federal Family Educational Rights and Privacy Act already requires districts to keep individual students’ educational information under wraps, except for specific employees who need access.

The problem is that FERPA has not kept pace with the rapid rise of technology in schools, said James Steyer, chief executive officer of Common Sense Media, a San-Francisco based advocacy group. When FERPA was written, records were kept in filing cabinets, not computers, and technological teaching tools now common in classrooms weren’t invented yet.

“Because of the total dysfunction in Washington, nothing is getting done,” Steyer said. “That’s why the role of the states is so important.”

Common Sense Media pushed for California to implement a data privacy law, then began urging other states to adopt similar measures. Steyer said 12 states introduced bills this year, but Delaware and New Hampshire actually passed them.

“Delaware is a national leader in this,” Steyer said.

Another point of the law, which the PTA strongly supports, is to give more decisions about data to parents.

The department will create a “data dictionary” so that parents know all of the information that is kept on their students. Parents will be able to request their students’ information and fix any incorrect or out-of-date information.

“This gives parents more control,” Hodges said.

State agencies would not be allowed to transfer students’ data to any outside agency, with a few exceptions, like if a kid transfers to another school district, attends college, takes a national test or explicitly allows his or her data to be transferred.

Contact Matthew Albright at malbright@delawareonline.com, (302) 324-2428 or on Twitter @TNJ_malbright.