State body approves Privacy Rules for student data

December 10, 2013 |

Curriculum Matters, in State Assessment Group Approves Privacy Rules for Student Data, reports on rules governing personally identifiable information about students participating in assessment regimes. The transfer of data to secondary bodies is a constant source of concern in privacy law.  The new Australian Privacy Principles which will come into effect when the Privacy Act amendments come into force in March 2014 address this issue specifically.  The US has a different structure for privacy protection.  It is however useful to see how the issues are considered there.

The article provides:

The PARCC testing group approved a new policy Thursday that is intended to safeguard personally identifiable information about students that is collected as part of states’ common-core assessment regimens.

The action comes as debate continues to swirl about how student data will be used by PARCC (the Partnership for Assessment of Readiness for College and Careers) and the other federally funded assessment consortium, Smarter Balanced. Some critics have raised alarms because they fear that the two state coalitions will hand over student data to the federal government.

PARCC’s new policy, approved by the governing board of the 19-member consortium, attempts to respond to this concern. 

On the opening page of a 14-page document, the policy says that states will provide personally identifiable information, such as students’ names, addresses, identification numbers, or dates of birth, along with their performance on PARCC exams, to PARCC and its contractors, but that information “will never be provided by PARCC to the federal government without written authority from a state, or unless legally required to do so by subpoena or court order.”

Further, no state agency or school district will ever disclose students’ social security numbers to PARCC or its contractors, the policy says. 

 Safeguarding Data

The information that states and districts convey to PARCC will be used “to develop and implement” the assessment system, including to pilot-test, field-test and validate the assessments; analyze test results and report them back to states, the policy said. It will also be used to conduct studies aimed at improving instruction, and to evaluate federal and state funded programs.

The policy details a range of protections that will be built into PARCC’s handling of student data. They include limiting internal access to student information, requiring that electronically stored data be encrypted, and prohibiting the unencrypted transmission of information from PARCC or its contractors to any third party wirelessly or across a public network.

Each state will choose a “privacy administrator” to oversee how state and district data is handled by PARCC and its contractors. One or more senior officials will be designated, as well, to implement and monitor data protections at PARCC and at each of its contractors, the policy says.

Smarter Balanced developed a brief data-privacy principle that guides its handling of student data. But beyond that, the consortium will create separate data-privacy agreements with each of its 25 member states to allow each to customize its practice in light of state law, regulation and practice, according to spokeswoman Jacqueline King. Those agreements are expected to be completed in the first few months of 2014, she said.

Whether the new policies will offer sufficient assurance to calm data-privacy activists’ fears remains to be seen. But for now, the two consortia are in the position of trying to dispel the perception that federal government funding means an open data pipeline from schools to Washington.

At a recent gathering of the Education Writers Association, PARCC Chief Executive Officer Laura Slover dismissed this notion with one word: “false.” Ms. King, the Smarter Balanced spokeswoman, said that some people might have picked up the idea from a line in the consortium’s funding agreement with the U.S. Department of Education.

It says the consortium will “develop a strategy to make student-level data that results from the assessment system available on an ongoing basis for research, including for prospective linking, validity, and program improvement studies; subject to applicable privacy laws.” PARCC’s agreement with the department contains the same phrase.

No Obligation to Share Data With Feds

Tony Alpert, the chief operating officer for the Smarter Balanced consortium, said in an email that nothing in the language of the agreement specifies that the federal government would be a recipient of the student data. While the consortium must make data available for research, no state’s data would be released without its consent, he said.

“The agreement does not require that the federal government have access to the data that might generate research,” he wrote. “The states will be able to control which entities have access to the data consistent with the states’s laws and policies.”

Ms. King added that “student-level” data isn’t the same thing as “personally identifiable” student data.

“All student identifiers can be stripped from the data file and there are other techniques that can be applied to ensure that data cannot be tracked back to individuals,” she wrote in an email. That is how the U.S. government currently handles its research databases, she said.

According to a source well acquainted with the consortium work, the U.S. Department of Education has assured states that the Race to the Top assesessment program—which funds the consortia—doesn’t create any new data-collection requirements for states participating in the grant, or impose any new data-reporting requirements to the department or any other federal entity. States were also told that the department does not collect individual student-level assessment data from any state as part of the Race to the Top Assessment program, the source said.

The department offered those assurances in at least one letter to a state to clarify questions about student data collection and privacy, and has made some of the same assertions in a “myths and facts” posting on its website. The most pertinent bits from that posting:


Slover, the PARCC chief executive, said in an email that the PARCC states have been “very explicit that the states own and control use of their data—not PARCC. PARCC is not sharing and will not share student-level data with the U.S. Department of Education.” The consortium’s new data-privacy policy “clearly lays out specific and rigorous protections for the privacy of student data, which provide more protection than policies currently on the books in some states,” she said.

Bari Erlichson, the assistant commissioner of education in New Jersey, a PARCC state, said in an email that under the federal Elementary and Secondary Education Act, states have reported school-level data from their state tests to the U.S. Department of Education.

“As we move toward the consortia assessments, those requirements have not changed or increased,” she wrote. “Individual states will continue to make decisions about how to fulfill those reporting requirements while protecting student confidentiality.”

The PARCC policy was approved on the condition that its wording be revised to make clear that it applies to charter schools as well as traditional public schools. PARCC officials expect the finalized policy to be posted within a day or two.

Leave a Reply

Verified by MonsterInsights