The Blue Print for Student Data Security and Privacy

Presented by the US Department of Education-Privacy Technical Assistance Center (PTAC)

NOVEMBER 6, 2019

Title: FERPA 101 and Transparency Best Practices
Time: 10:30 am - 12:00 pm
Location: MR202A

Description: Review and discussion of real-life scenarios on FERPA and its applicability to your institution. Participants have an opportunity for interactive Questions and Answers. Experts will conduct trainings and review best practices on communicating with parents about school and district data collection policies and practices. Specific attention will be paid to what information is collected, how it’s safeguarded and used, and why. Review and discussion of real-life scenarios on FERPA and its applicability to your institution. Participants have an opportunity for interactive Questions and Answers. Participants will improve their understanding of FERPA and the context for the law., Reduced misconceptions / misunderstandings about FERPA, identify current communications policies and practices regarding student data inventories, revising policies for information sharing, and identify parent-friendly communication strategies.

Title: FERPA 201 - So you think you know FERPA
Time: 1:00 - 2:00 pm
Location: MR202A
FERPA 201 is a presentation that is specifically targeted at individuals who “know enough about FERPA to be dangerous.” This session is organized around a series of scenarios that PTAC has encountered that have complicated answers which involve the vagaries of FERPA.  This session will provide an opportunity for individuals to have their complicated questions answered.

Title: Disclosure Avoidance Training
Time: 2:15 - 3:15 pm
Location: MR202A
Overview of best practices and staff training in the area of disclosure avoidance methodology and public reporting.  Participants will improve their understanding of disclosure avoidance techniques and public reporting best practices applicable to your institution.


NOVEMBER 7, 2019

Title: Working with Online Service Providers and Apps
Time: 8:30-10:15 am
Location: MR202A
A review of best practices and training for staff when working with online educational service providers. This session will cover legal privacy requirements, examination of school or district practices and potential problems, and technical assistance on incorporating best practices.

Title: Data Security Best Practices including Data Destruction
Time: 10:30 am-12:00 pm
Location: MR202A
: Training on current data security best practices for education data systems, including user privacy and security awareness, privacy and security program development / implementation, threat modeling, and attacker methodology. This session will provide the opportunity for participants to increase their awareness of privacy and data security threats, obtain guidance to reduce risk of security incidents, and improve their ability to respond to incidents.

Title: Data Breach Response Training
Time: 1:45-3:30 pm
Location: MR202A
  An interactive role-based simulation of a K-12 district-level data breach, focusing on the processes, procedures, and skills needed to respond. This can be customized to other levels / organizations. This session will cover current plans for data breach response, response plan revisions, incorporate lessons learned, and best practices.

NOVEMBER 8, 2019

Title: South Carolina Department of Education - State Agency Day
Time: 9:00 am - 12:00 pm
Location: MR202C
  The US Department of Education representatives will provide updates from the national level.