5 Critical Guidelines for Data Privacy

Student Data Privacy webinar


When Congress passed FERPA (The Family Educational Rights and Privacy Act) in 1974, school and district leaders could rely on once-a-year training and reviews to make sure they remained in compliance. Now, when educators could potentially add a new app with a few mouse clicks, managing student data privacy is a never-ending task. In the edWebinar Student Data Privacy: A Priority and Essential Commitment,” presenters Dr. Charles Dumais, Superintendent and Executive Director, Cooperative Educational Services, Trumbull, CT; Dr. Quinn Kellis, Superintendent Dysart Unified School District, Surprise, AZ; and Linnette Attai, Project Director, CoSN Privacy Initiative and Trusted Learning Environment Program, explained CoSN’s Protecting Privacy in Connected Learning initiative and superintendents’ essential role in directing their districts’ efforts. Discussing CoSN’s Five Critical Guidelines for Ensuring Data Privacy in Your Use of Technology, the speakers told attendees that when it comes to data privacy, the word “done” isn’t in their vocabulary.

Five Critical Guidelines 

  1. Stay current and compliant with federal and state laws. In addition to FERPA and its subsequent updates, there is also COPPA (The Children’s Online Privacy Protection Act), PPRA (The Protection of Pupil Rights Amendment), GDPR from the EU (General Data Protection Regulation), and a host of state and local legislation. The results of this alphabet soup are that school leaders need lawyers and school officials well-versed in the changing regulations to ensure compliance. It’s too complex a task for the principal or superintendent to bear on their own.
  2. Address community and stakeholder expectations early and often. Similarly, as the regulations change, so will school procedures. Leaders need to provide their constituencies (teachers, students, parents, vendors, etc.) with a clear picture of the school’s policies, how the review process works, and how the data is used. Some schools even have a web page detailing their privacy policies.
  3. Keep instructional impacts in the picture. Data must be meaningful to learning; the instructional value should precede any tech advantage. Schools should have a clear procurement process, even for that one-time app the teacher wants to download, to make sure students are protected in their digital environment.
  4. Responsive, responsible privacy administration and management mitigates risks. While schools can’t guarantee absolute data safety, there are resources, like CoSN’s K-12 Privacy Toolkit for Leaders, that offer best practices for lowering exposure.
  5. Training. Training. Training. Leaders need to decide who needs to know what information, how much they need to know, and the best way to share that information. For instance, what principals share with parents about protecting student data will be different from their conversations with vendors. The key is to have an organizational chart that highlights each person or group’s role in safeguarding privacy.

Student data privacy guidelines


While on the organization chart there should be a gatekeeper who understands the school or district’s processes, the onus of privacy does not rest solely on that position.

“This is not a single-person solution. It is not the Director of Technology or somebody else who’s responsible for this,” said Dr. Dumais. “It’s systemic. People need to understand the data, how the data is used, and only through a systemic solution will we find a way to protect students.”

This edWebinar was co-hosted by CoSN and edWeb.net.

Watch the Recording

This article was modified and published by EdScoop.

About the Presenters

Dr. Charles “Chip” Dumais is the executive director of cooperative educational services in Trumbull, CT. A native of Connecticut, he began his career in education nearly three decades ago as a science teacher in Higganum, CT. He has proudly taught physics and calculus to more than one thousand students, chaired a science department, served as an assistant principal in Westport, CT, led Newtown High School in Sandy Hook, CT as its principal from 2008 to 2014, and served as superintendent of the Amity Regional School District. He has earned bachelor’s and master’s degrees in physics from Rensselaer Polytechnic Institute, advanced degrees and certificates from Southern Connecticut State University and the University of Connecticut, and a doctorate in educational leadership from Central Connecticut State University. He is an active member the National Superintendents Roundtable, the Headmasters Association, the Connecticut Commission for Educational Technology, and the Consortium for School Networking.

Dr. Quinn Kellis started his educational career in 1991 as a high school AP Spanish and sophomore English teacher. After years of site and district level leadership, he is currently the superintendent of Dysart Unified School District (24,000 students) in Surprise, Arizona. Dr. Kellis is a native of Arizona and earned degrees from Brigham Young University, Chapman University and Arizona State University. He is the proud father of three married children—all products of the Dysart district. He is a thought leader for innovation and technology integration, arts development and academic environments.

Linnette Attai is Project Director for CoSN’s Privacy Initiative and Trusted Learning Environment Program. For over 25 years, Linnette Attai has been building organizational cultures of compliance and guiding clients through the complex obligations governing data privacy, user safety, and ethical marketing, with a focus on the education and youth sectors. As founder of the global compliance consulting firm PlayWell, LLC, Linnette advises organizations, educators, lawmakers, and policy influencers. She serves as virtual chief privacy officer and data protection officer to select clients and speaks nationally on data privacy matters. Linnette is a member of the Rutgers Center for Innovation cybersecurity advisory board, and author of Student Data Privacy: Building a School Compliance Program.

About the Host

Ann McMullan is a 34-year veteran educator who served as the executive director for educational technology in the Klein Independent School District, located just outside Houston, Texas until September 2013, when she and her family moved to Los Angeles, California. For 16 years Ann led the team in Klein ISD that provided professional development on technology and 21st century instructional strategies to over 4,000 professional educators serving over 50,000 students. During that time Ann also co-chaired the Texas Education Technology Advisory Committee which developed the Texas Education Agency’s Long Range Plan for Technology, 2006-2020.

Today, she is based in Los Angeles, California working as a public speaker, writer, and independent education consultant focused on supporting leadership, visioning and planning to meet the needs of today’s students. She is a frequent presenter at state, national and international education conferences. Ann serves as project director for CoSN’s Empowered Superintendents Program. She serves on the board of PowerMyLearning Los Angeles and on the advisory board of Project Tomorrow. In the fall of 2016 Ann co-authored and published Life Lessons in Leadership: The Way of the Wallaby.

Join the Community

Super-Connected is a free professional learning community on edWeb.net for school superintendents, district leadership, and aspiring district leaders


CoSN CoSN (the Consortium for School Networking) is the premier professional association for school system technology leaders. CoSN provides thought leadership resources, community, best practices and advocacy tools to help leaders succeed in the digital transformation. CoSN represents over 13 million students in school districts nationwide and continues to grow as a powerful and influential voice in K-12 education.