Privacy

Privacy and cybersecurity are very closely linked.  If we do not safeguard systems and passwords, then private and confidential information can be made public, and possibly get into the hands of criminals.

This content can be viewed in video format.

In education, we are responsible for collecting and accessing a lot of private and confidential student and employee data.

Student information may include:

  • enrolment and registration data, 
  • contact and guardianship information,
  • program delivery, 
  • progress assessment, 
  • attendance data, and 
  • health information.

Employee data may include:

  • personal contact information, 
  • banking information and 
  • medical notes.

It is critical that we properly protect this information

Throughout this course we have discussed best practices for avoiding some of the most common threats to our accounts and systems. By following these tips and reminders you  – and your board – will be more secure online.  At the school level we must be extremely careful how and where we use technology to record student’s confidential information.

Secured Systems

Your board provides secured systems centrally. These may include your student information system, gradebook or student learning management system, and various OSAPAC titles as provided by the Ministry of Education. These, together with your Board provided network drives, may store personally identifiable information.  You do not need to obtain parental permission to use them.

However, there are many other resources available to teachers online that have not been deemed secured by the Board. You must carefully consider all third-party tools and resources. Check your board’s digital tool approval process for more specific information. 

Here are some very important considerations if you’re using a third party online educational tool.

  • Do not use personal information like student last names, OEN or student numbers.
  • Use strong passwords.
  • Check the age limit for the tool.
  • Check the privacy policies for the tool.
  • Consult with your administrator before using the tool.
  • Receive written permission from parents before using the tool.
  • Ensure that parents have access to their own child’s information only.
  • Remember that anything you share can be made public by those you share it with.
  • Delete the information stored in the app once the students move on to a new class.
privacy protection
Personal Device

Do not store personally identifiable data, or Board business data on your personal device (including phone, tablet, or home computer). 
Office365
Secure Web Portals

Access and use services through a secure web portal such as Google Drive or Office 365, but do not download the document locally to a personal device.

If your home computer or phone is accessed by others, this may result in a privacy breach.
man with ipad
Photos and Videos

Photos and videos for assessment purposes should be taken using Board-owned devices only, not personal devices.
Social media icons
Social Media

Be careful what you post on social media with respect to your students and their achievements and what you share as an individual and on behalf of the organization.  

Check to see if your board has a procedure on “Communications and Use of Social Media” for guidance.
Summary

Sometimes we can get excited about a new way of teaching and learning, but if it means handling personal or confidential data, or putting information online in a third party tool, we all have a professional responsibility to carefully consider the privacy implications beforehand.  

Sometimes we can get excited about a new way of teaching and learning, but if it means handling personal or confidential data, or putting information online in a third-party tool, we all have a professional responsibility to carefully consider the privacy implications beforehand. Remember education is the number one target for cybercriminals. You must always properly protect student and staff personal data.  

Cybersecurity

 
Scroll to Top