Carnegie Mellon pioneers AI project with U.S. Navy
August 20, 2018
With help from the Office of Naval Research, the private university looks to develop AI capabilities for humanitarian aid and disaster relief around the world.
Commentary: When it comes to protecting student data privacy, any number of things can keep a district CTO up at night. Here's how to prioritize the risks.
Linnette Attai has been building organizational cultures of compliance and guiding clients through the complex obligations governing data privacy m...
Every organization carries with it some inherent risk, and key to managing it is knowing where to start with a mitigation strategy. When it comes to protecting the privacy of student data, the risks sometimes seem to be lurking around every corner: the employee who leaves the laptop in the backseat of the car or the password taped to a laptop, the phishing scam that targets your school system leadership, the students who plan a denial-of-service attack on the day of final exams, the sheer volume of third-party technologies that are brought into the classroom every day.
All of these can keep the most seasoned CTO up at night, and sometimes the task of quantifying risks in order to be able to address them can be overwhelming. One key to wrestling risk to the ground is to do what we are often most reluctant to do: face it head-on.
To be sure that you don’t get buried under the sheer volume and weight of the concerns, keep the Creighton Abrams quote in mind: “When eating an elephant, take one bite at a time.” Here are some steps to figure out which bite to take first:
Building a school compliance program is a risk mitigation strategy, and it requires building a function that will be part of the fabric of the organization for the future. Shedding light on existing risk is one of the most important steps in mobilizing the function to get you moving on the right path. By doing so, you can you make “eyes wide open” decisions: thoughtful, deliberate choices that are made with all the facts in hand, and with appreciation for potential repercussions and strategies in place to mitigate the risk where needed.
Linnette Attai is the founder of PlayWell, LLC, through which she advises private and public companies, schools and districts, trade organizations, lawmakers and policy influencers. Attai has been helping clients navigate data privacy matters for over 25 years. She is the author of "Student Data Privacy: Building a School Compliance Program."