Responding to yesterday’s post on an important data bill before the Legislature, a reader alerted me to a new study from the Fordham University Center on Law and Information Policy pointing out that states have done a poor job ensuring the security of personal information in longitudinal student data bases.
The study examined protocols for all states’ systems and concluded that the majority had detailed information in what appeared to be non-anonymous student records. Many states didn’t have clear access and use rules, and nearly all didn’t have policies to purge the data over time.The study found that a number of states collect demographic data on parents, and track students’ health and criminal records and other sensitive information, such as teen pregnancies. Much of the information, which goes beyond what the feds require, for auditing and evaluation purposes, under No Child Left Behind, can be very useful to help researchers sort through variables that affect a child’s learning. But the rationale should be justified, and privacy must be protected.
Among its recommendations, the study urges states to use dual database architectures to preserve anonymity; comprehensive privacy agreements for researchers; hiring of a chief privacy officer in the state department of education; and audit logs of use.
California will be creating its rules and protocols over the next year. In studying what other states do right, it should focus on what they’re apparently not doing well: taking privacy protections more seriously.
Be the first to comment on Privacy at risk in many states’ data bases.