Protecting Student Privacy in a Digital Age

Posted by Matt Berringer on February 29, 2016

Protecting student privacy
Key Takeaways for Superintendents and CTOs

  • Protecting student privacy is of growing importance in a digital age.
  • District administrators and school board members have a responsibility to evaluate the district's methods for storing and sharing student data.
  • Student healthcare data is particularly sensitive and now falls under the protection of FERPA (not HIPAA).
  • District administrators need to be mindful of the pitfalls of sharing student survey data, using free software solutions, and can consider app filtering.

Dr. Lawrence Borland is not only the school board president for the Franklin Regional School District in Pennsylvania, he’s also a self-described “privacy guy.” That’s why he has become very involved in how and why the district releases any information about its students.

“I don’t think anyone has any concern about what’s collected and kept in the school district,” Borland told a room full of superintendents and school board members during a PASA-PSBA School Leadership Conference in October. “It’s when it leaves (the district) and it leaves our control and we don’t even know where it goes.”


The Family Educational Rights and Privacy Act (FERPA), the federal law that aims to protect student privacy, uses up most of its clout while the data is still within the district, Borland said.

“We are doing all these things to protect student privacy in our own realm, but when the data leaves, we have absolutely no control to look at or follow its distribution,” he said.

Borland encouraged school board members to work closely with school administrators to evaluate their own districts’ methods for storing and sharing student data, particularly data that contains identifiable information, such as names, social security numbers, and birth dates.

What About Student Healthcare Data?

Of particular concern is student healthcare data, which no longer falls under the protection of the Health Insurance Portability and Accountability Act (HIPAA), as many people think. Instead, it is now included under the protection of FERPA, said Borland, who is also a pediatrician.

A good question for board members to ask administrators right away is where the student healthcare data is being stored.

“We were entering healthcare data into an external database that we had no control over,” he said. “When we discovered this, our administration authorized it to be relocated into an internal-only database.”

What Can Administrators and School Board Members Do?

Borland offered these additional tips for school board members and district administrators to consider:

  • Review the types of surveys the district allows students to participate in for outside organizations to ensure the information released is appropriate and sufficiently anonymous.
  • Consider app-filtering, which blocks all the information that would automatically go out from a student using an educational app at school.
  • Be wary of free technology solutions from private companies, which can be enticing but may end up costing the district more than it bargained for in terms of student data.

Learn how to maintain student data privacy in a digital age. Learn how to balance student data privacy with increased student achievement.

Topics: Superintendents, Privacy, CTO, EdTech News and Info, Franklin Regional School District, Pennsylvania