Privacy and cybersecurity are very closely linked.  If we do not safeguard systems and passwords, then private and confidential information can be made public, and possibly get into the hands of criminals.

This content can be viewed in video format.

In education, we are responsible for collecting and accessing a lot of private and confidential student and employee data.

Student information may include:

  • enrolment and registration data, 
  • contact and guardianship information,
  • program delivery, 
  • progress assessment, 
  • attendance data, and 
  • health information.

Employee data may include:

  • personal contact information, 
  • banking information and 
  • medical notes.

It is critical that we properly protect this information

Throughout this course we have discussed best practices for avoiding some of the most common threats to our accounts and systems. By following these tips and reminders you  – and your board – will be more secure online.  At the school level we must be extremely careful how and where we use technology to record student’s confidential information.

Secured Systems

Your board provides secured systems centrally. These may include your student information system, gradebook or student learning management system, and various OSAPAC titles as provided by the Ministry of Education. These, together with your Board provided network drives, may store personally identifiable information.  You do not need to obtain parental permission to use them.

However, there are many other resources available to teachers online that have not been deemed secured by the Board. You must carefully consider all third-party tools and resources. Check your board’s digital tool approval process for more specific information. 

Here are some very important considerations if you’re using a third party online educational tool.

  • Do not use personal information like student last names, OEN or student numbers.
  • Use strong passwords.
  • Check the age limit for the tool.
  • Check the privacy policies for the tool.
  • Consult with your administrator before using the tool.
  • Receive written permission from parents before using the tool.
  • Ensure that parents have access to their own child’s information only.
  • Remember that anything you share can be made public by those you share it with.
  • Delete the information stored in the app once the students move on to a new class.

Sometimes we can get excited about a new way of teaching and learning, but if it means handling personal or confidential data, or putting information online in a third-party tool, we all have a professional responsibility to carefully consider the privacy implications beforehand. Remember education is the number one target for cybercriminals. You must always properly protect student and staff personal data.  


Scroll to Top