Data Protection and Privacy in Schools

As schools adopt more technology in the classroom, we thought it would be a perfect time to review data protection and privacy and understand some key terms and principles schools need to be aware of. We will also share how ReadCloud upholds privacy in our own tools for schools and share tips on best practices!

padlock-image

Rules and regulations

The major rules and regulations that govern data protection and privacy stem from the Australian Privacy Principles (APP) which are derived from the Privacy Act 1988 (Cth) and have specified how organisations need to handle personal information since 2014.

Information and Consent

First of all, let’s go back to basics and review some of the relevant definitions when it comes to Data. Personal information is when an opinion or information has been recorded about a person. It can have multiple forms such as a person’s name, their address or phone number and date of birth. Sensitive information falls under the category of personal information. There are stronger legal protections here due to potential discrimination that can include racial or ethnic origin, political or religious affiliations, sexual orientation, health information, trade union membership or personal beliefs. Consent is when someone agrees to share their information voluntarily. It must be informed and current to be able to use or share someone’s information, especially if the content is sensitive.

Privacy in educational technology

Educational technology is helping to simplify teaching and learning, and digital tools and resources are helping to bridge inequality and access, ensuring students have what they need for learning and improving educational and learning outcomes. 

However, some of the tools used in the classroom will inevitably capture or use data that can be subject to international and local regulations governing their usage. Data that some companies seek to gather include location, keystrokes, personal identifiable information and other sensitive information that can be used improperly. In fact recent reports have shown that many educational apps improperly collect student information

As a technology company, we want to make sure that schools understand some of the key terms and methods used to secure data. For instance, Encryption or encrypted data is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Plain text data is simply unencrypted data. 

If data is encrypted, it is much more difficult for a hacker to gain access to it. A hacker is a slang term for a computer enthusiast. It can be a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). But it can also refer to computer experts with nefarious intentions who use their skills to obtain data illegally and hold it for ransom or publish it widel on the internet for any other people with nefarious intent to benefit from. 

An example of encrypted data and encryption technology is the technology we use at ReadCloud to secure data about students and teachers accessing publisher digital textbooks and interactive content securely. Thanks to our proprietary DRM encryption, it is very difficult for hackers to gain access to data stored in servers or in transit.

The challenges of data privacy

Students and teachers use technology in the classroom on a daily basis, with many schools championing a BYOD (bring your own device) program and the use of different pieces of software including online learning subscriptions, interactive learning platforms as well as eReading platforms like ReadCloud. 

Nowadays, with the acceleration of remote learning due to COVID, the discussion around privacy goes beyond the standard discussions of the use and disclosure of data like name and date of birth. The use of cloud platforms and services for instance is becoming more and more normal within schools with more tools storing student data in the cloud. This has led to some concerns being raised by students and their families about how their data is being used.

What your school can do to ensure data privacy

Understand your obligations and responsibilities

Various state education departments may require schools to have a duty of care to set up a protected IT system by implementing something like a Schools’ Privacy Policy.

Review your processes, procedures and systems

Audit the data that you hold and review the tools, systems and processes that govern how that data is handled and used. This may involve developing new procedures to guide members of your school on how to act and handle information and also what to do in the event of a data breach or loss. You can then publish this into your Privacy Policy or program for your school to follow. Start with this Best Practice Framework from the Australian government eSafety website.

Train your staff, students and community in best practices

It is also recommended to share supporting information with school staff and the community to build transparency and trust. Your school can even choose to organise training for your staff to implement best practices when it comes to cyber security and safety. 

Work with trusted and secure companies and partners

More and more schools make a safer choice by working with tech companies in the educational sector that promote the fact that they protect students’ privacy and data by leveraging strong technology credentials and expertise, supporting school IT teams. Ask your technology or software partner how they secure your data.

How does ReadCloud uphold privacy?

The ReadCloud eReader and associated platform offers schools access to their entire repertoire of in-classroom content including eBooks, eNovels, Publisher Digital Interactive resources and the digital component of print textbooks in one cross platform app. 

At ReadCloud, we’ve made a choice to put privacy first and develop our software 100% locally. All data (both teacher and student) is stored securely on Australian servers. All Application, System and User support is provided from Australian based support staff and schools are provided with a dedicated customer service team to assist with accessing and procuring classroom resources throughout the school year. 

As part of upholding privacy and security standards, ReadCloud is able to obfuscate student data, making student accounts anonymous by removing sensitive or personal information such as student names. Student data is protected with world leading encryption and hosted locally, so educators and parents have peace of mind and data is kept safe. 

Our Privacy Policy and Terms of User are made available to all via our website

 

The ReadCloud app is accessed securely via Single Sign-On with school credentials.