The CoSN Protecting Privacy in Connected Learning Toolkit supports School Systems in understanding the issues that arise when navigating student data privacy responsibilities, including the selection and use of an online service provider.
The original version of this document focused on key requirements of the Family Educational Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA). This most recent version, released in June 2017, refreshes almost every section of the Toolkit, and includes expanded material on Directory Information and the Protection of Pupil Rights Amendment. It also includes new sections on how key federal data privacy laws operate together, as well as the National Student Lunch Act.
The Toolkit offers detailed definitions of terms such as Education Record and School Official, suggested Contract Terms and Security Questions for Service Providers, and explanations of issues related to metadata and data de-identification. The Toolkit also includes guidance related to the use of Click-Wrap Agreements, common to so many popular, free online tools and services. A set of helpful links to privacy-related resources is also included.
Because it is important to consider privacy and security decisions in the context of compliance, potential harm and the need for transparency, the Toolkit includes a decision tree. FERPA and COPPA compliance issues are addressed, as are suggested practices that reach beyond compliance.
It should be noted that this document only covers some of the obligations that School Systems have in protecting the privacy and security of student data, and this Toolkit should not be construed as legal advice. In addition, School Systems may be subject to other federal and state privacy laws that are not covered here, and every circumstance requires a case-by-case analysis under the law. Please check with your School System’s legal counsel to understand how federal, state, and local laws may apply to your School System.
