Presentation is loading. Please wait.

Presentation is loading. Please wait.

Student Data Privacy Contract Framework “Getting Started”

Published byEustace Clifford Dickerson Modified over 8 years ago

Similar presentations

Presentation on theme: "Student Data Privacy Contract Framework “Getting Started”"— Presentation transcript:

1 Student Data Privacy Contract Framework “Getting Started”

2 This is for you! This slideshow is designed to be used by your organization (with staff, Boards, parents, public, etc.) to successfully implement the “Privacy Contract Framework” Project! It is designed to provide you with strategies, resources, and effective practices in making your project successful! Feel free to personalize the slideshow with your content, logos, etc.

3 A Data Stewardship Role Local education organizations (or their equivalents) act as the data “steward” for all information relating to one or more of the schools / institutions under its jurisdiction. Different types of information may have different ownership restrictions (ex: a staff member may own some of the information concerning their personal assessment and attendance records, but as an employee, may have a different set of ownership rights than a student or parent over that data). There may be more than one data steward for a given student (ex: a student has attended schools in multiple districts). Each has an equivalent responsibility to the owner for the data under its control.

4 A Data Stewardship Role Ensure Data Security Data is secure only when it inaccessible to unauthorized 3rd parties. Only secure data can be made private. Ensure Data Privacy Secure data is private only when its access and use by authorized 3rd parties is restricted and fully controlled by the Data Steward, in accordance with (where possible) the stated wishes of the Data Owner. The Data Steward’s role is to:

5 A Data Steward gives the personal information to the supplier to use for a limited purpose that assists/benefits the Data Owner; A Data Steward/supplier agreement binds the supplier not to use or disclose any personal information except for the specified limited purpose. If any data is exposed to its subcontractors, at a minimum these sub-contractors must also agree to the same obligations, and be specified by name in any contracts or agreements with the Data Steward. A Data Steward/supplier agreement gives the Steward the right to be notified of and pre- approve any additional 3rd party accessing the data, or alternatively a reasonable opportunity to retrieve all information and request it be scrubbed from supplier storage. A Data Stewardship Role Steward/Supplier Interrelationship The assumption is made that the marketplace suppliers are treated as using the information to provide a service for the Data Steward. In this case, a Steward maintains control over who can view the information it supplies, and for what purposes. The definition of “control” varies but might include:

6 Privacy Impact Factors Modern Technology Policy Implementation Use Cases to Address Action Items

7 Our Student Data Privacy Philosophy (Your Content Here) (link to your organization’s official policies here) My Privacy Matters

8 What the Project Can Mean to Us

9 Privacy and Security are Hot Button Items Transparency is Being Demanded By All LEAs have limited Legal Bandwidth/Expertise School App Ecosystems Expanding Exponentially Each App Needs Specific “Rule-Making” Lots of Great Policy Resources Out There – But Not Much in the Way of Implementable Info The Realities

10 A bevy of great organizations provide guidance to schools and states regarding student data privacy. The Student Data Privacy Consortium (SDPC) leverages this work while focusing “on- the ground” with practitioners. A non-profit collaborative of schools, districts, regional and state agencies, policy makers, trade organizations and marketplace providers addressing today’s issues with adaptable, implementable solutions to growing data privacy concerns. Develops public access materials, hosts events, provides membership artifacts, generates template & tools, and delivers effective practices, all through the most unique collaborative: end users and marketplace providers working together! About the Student Data Privacy Consortium

11 The first project of the SDPC, the Privacy Contract Framework, leverages work done by the Massachusetts Student Privacy Alliance (MSPA) around a “common contract” for usage across 40 districts. Districts and vendors alike benefit from having clear expectations around privacy contract terms and clauses. The project further expands this work at scale and offers a variety of tools to examine, model, and build privacy language and sample and common contracts. The Privacy Contract Framework resources and tools can be found in the SDPC Application. Privacy Contract Framework SDPC Project #1

12 Streamlining and clarity of expectations with providers Limits the need for legal resource contract support Allows for a better organized picture of the organization’s application ecosystem Provides a streamline communications path to parents, public, etc. Reduces or eliminates lengthy vendor negotiations Streamlining and clarity of expectations with LEAs & SEAs Limits the numerous “one off” agreements with customers Allows for the identification of partnerships Enables faster application adoption Promotes company as privacy aware and proactive Reduces or eliminates lengthy customer negotiations Marketplace ProvidersEnd Users “Win-Win” Benefits

13 Readiness Status

14 Internal IT Capacity Place staffing model, budget information, or specific infrastructure information here or provide linkages. (ex:) Resources:

15 Current Usage Agreements Place actual agreement information or links to usage agreements here. PTAC Resources: Data Sharing Agreement Checklist http://bit.ly/2boip84 Data Sharing Webinar http://bit.ly/2bogJf3

16 Application Vetting Process Place actual process information or links to process communicated. Pearson Resources: Vetting New Technology for the Classroom http://bit.ly/2bG0BpD

17 Applications with Agreements Application Insert your ecosystem here.

18 Applications without Agreements Application Insert your ecosystem here.

19 Change Management Project ImpactImpact Description Governance Contract Renewal Application vetting Staff buy-in Application inventory Communication New governance model to include application vetting Needed adoption of privacy clauses and understanding by all parties involved in contract approval Procedures needed to ensure only approved online applications are used by staff regardless of cost Training and awareness building around the need to vet all on line applications must be embedded into all aspects of the environment Must develop an accurate and up to date application inventory and system for maintain Must develop effective communication strategy to all stakeholders; staff, students, parents, and community Areas to Consider Addressing with Contract Framework.

20 End Game Look

21 Contract Tool Tutorial Contract Development Support, Considerations, etc. Checklists Benefits Summary, Process Documentation, etc. Communication Tools Awareness Letters, Press Info, etc. Vendor Engagement Strategies Correspondence, Questions to Ask, Resources, etc. Resources Sample Contracts, Privacy Resources, etc. Toolkit Components Located here: https://secure2.cpsd.us/a4l/track1.php

22 Detailed Consortium Information Project 1: Contract Framework Detail and Tools Membership Information What’s Next Conversations Resources to Support Your Work! Project Information Privacy.A4L.org

Download ppt "Student Data Privacy Contract Framework “Getting Started”"

Similar presentations

The Future of Purchasing in Victorian Health Steve Sant Health Purchasing Victoria.

The Future of Purchasing in Victorian Health Steve Sant Health Purchasing Victoria.
Data Quality And Stewardship. PROVIDED BY THE IDAHO STATE DEPARTMENT OF EDUCATION.

Data Quality And Stewardship. PROVIDED BY THE IDAHO STATE DEPARTMENT OF EDUCATION.
Buying Better Outcomes Workshop 4 Equalities and Contract Management If you do not take it seriously, why should the supplier?

Buying Better Outcomes Workshop 4 Equalities and Contract Management If you do not take it seriously, why should the supplier?
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
SMALL BUSINESS PLAN GUIDE

SMALL BUSINESS PLAN GUIDE
Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.

Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Information Technology Service Management

Information Technology Service Management
The Heart of the Matter: supporting family contact for fostered children.

The Heart of the Matter: supporting family contact for fostered children.
Agenda 1. Definition and Purpose of Data Governance

Agenda 1. Definition and Purpose of Data Governance
G17: Recordkeeping for Business Activities Carried out by Contractors Patrick Power, Manager Government Recordkeeping Programme Archives New Zealand.

G17: Recordkeeping for Business Activities Carried out by Contractors Patrick Power, Manager Government Recordkeeping Programme Archives New Zealand.
Conservation Districts in New York Training Module 1.

Conservation Districts in New York Training Module 1.
GS1 US INITIATIVES UPDATE MARCH 18, 2013. GS1 STANDARDS MAKES IT POSSIBLE 2 SAFETYSECURITY VISIBILITYEFFICIENCY COLLABORATION To apply standards to business.

GS1 US INITIATIVES UPDATE MARCH 18, GS1 STANDARDS MAKES IT POSSIBLE 2 SAFETYSECURITY VISIBILITYEFFICIENCY COLLABORATION To apply standards to business.
THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.

THE REGIONAL MUNICIPALITY OF YORK Information Technology Strategy & 5 Year Plan.
Michalis Adamantiadis Transport Policy Adviser, SSATP SSATP Capacity Development Strategy Annual Meeting, December 2012.

Michalis Adamantiadis Transport Policy Adviser, SSATP SSATP Capacity Development Strategy Annual Meeting, December 2012.
- The Basics - Training Module 1. What You’ll Learn In This Module What is a Conservation District? What is it suppose to do? Who are the people involved.

- The Basics - Training Module 1. What You’ll Learn In This Module What is a Conservation District? What is it suppose to do? Who are the people involved.
Project management Topic 1 Project management principles.

Project management Topic 1 Project management principles.
FORUM GUIDE TO SUPPORTING DATA ACCESS FOR RESEARCHERS A STATE EDUCATION AGENCY PERSPECTIVE Kathy Gosa, Kansas State Department of Education.

FORUM GUIDE TO SUPPORTING DATA ACCESS FOR RESEARCHERS A STATE EDUCATION AGENCY PERSPECTIVE Kathy Gosa, Kansas State Department of Education.
Online Educational Services. Section Overview Contracts Click-Wrap Agreements Best Practices.

Online Educational Services. Section Overview Contracts Click-Wrap Agreements Best Practices.

Similar presentations

Ads by Google