Understanding Your Data Privacy Responsibilities Part 2: A Case Study

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

2 hours 19 minutes
Video Transcription
Welcome back to student data privacy fundamentals. Understanding your data privacy responsibilities. A case study.
In this video, you will learn specific items to do as you begin policy creation,
the difference between data governance policy and procedures
and why it's important to have a data governance policy and procedures
as you begin preparing and data governance policy. Here are some things that you should have on your to do list.
One. Get leadership to acknowledge the need for a program
to designate individuals responsible for policies related to data use and privacy.
Three. Bring the right people to the table,
and four. Determine which policies and procedures are already in place.
It's important to note here that a policy refers to an organization's guiding principle, like data governance in general, and procedures refers to a set of steps or action plan to follow in regards to a data governance policy. For example, Ah policy will describe best practices to secure data,
but should also include procedures to follow in the event of a data breach.
Number. Five. Adopt any additional necessary policies and procedures for the use of student data throughout the data lifecycle, including consequences for noncompliance
trained out of users on relevant policies and procedures.
Seven. Think about how best to be transparent to parents and students about privacy
and a develop a modern monitoring plan to ensure policies and procedures are being followed.
To begin the conversation with leadership, Cosan led the creation of 10 student data principles with input from a group of national stakeholders.
Cosan also provides a privacy tool kit, which is a great resource to aid school districts in understanding their compliance requirements, identifying and evaluating potential harms and planning effective, transparent communication.
Now let's take a look at a common example of why and how a data governance policy will help protect your organization and, in turn, your staff and students.
This is Mr Williams, 1/3 grade teacher. He just found a great new app to help kids with math through games. His students love to play games and the app is free.
More and more teachers like Mr Williams are making use of APS and online services.
Many providers offer innovative and helpful content, often for free,
but be weary that sometimes the saying nothing is free might apply.
Some maps require the acceptance of terms of service
increasingly online services and applications. Use a licensing model known as Click through Acceptance, where you can sign up by simply clicking a button or check box to accept the terms of service. And this can lead to potential problems.
Terms of service can be long, boring and full of complicated legal language, but Mr Williams needs to fully understand what he is agreeing to in the terms of service.
We may not think of clicking and accept Button as the same thing. Is signing a written contract that they could be legally binding agreements. For these reasons and more, Mr Williams should talk to the appropriate individuals about the district or organizations, policies and procedures before signing up for a nap,
quiz, time, true or false Click. Their acceptance is a quick way to approve a nap because the apse with these types of acceptance are always safe and secure.
False. Absent websites that use this type of acceptance of their terms often do it for the exact opposite reason. Their terms may lead to harm to the user, and it click through acceptance increases the odds of a user agreeing to the terms without reading or understanding what they're signing up for
in today's video, we discussed specific items to do is you begin policy creation like bringing the right people to the table and evaluating the policies and procedures you already have in place.
We differentiated between a policy which are guarded, guiding principles on a topic and procedure, which is a plan of action to support a policy.
And we looked at a case study to see various reasons why a data governance policy is necessary, including today's technology filled world students, increased use of technology as well as students and teachers. Lack of understanding online risks, such as online agreements for educational software.
In the next listen, we will dive into the federal regulation off FERPA and its implications for student out of privacy. See you soon.
Up Next