Student privacy expert shares tips for state policymakers

Amelia Vance, director of education data and technology for NASBE, released seven lessons for state policymakers to protect and safeguard student data.

The National Association of State Boards of Education released a set of tips for policymakers on how to protect student data.

Congress is currently considering seven bills on the topic, and there have been more than 100 bills introduced in about 38 states, according to the Data Quality Campaign, a nonprofit based in Washington.

Now, the Every Student Succeeds Act requires states to adopt evidence-based interventions to improve student performance – which means schools will likely be collecting more data.

Amelia Vance, director of education data and technology for NASBE, spoke during the organization’s conference this week about how policymakers can strengthen student data privacy while still using the information effectively and for educational purposes. Here are some tips from her report released this week, “Policymaking on Education Data Privacy: Lessons Learned.”


State boards shape data privacy policy significantly. Often because of their public, transparent nature, state boards are increasingly given authority over data privacy. State boards can and should embrace this responsibility to ensure purposeful collection and use of data.

Stating the value of data is essential. If parents do not understand how data can help their children, they will not care how the state is protecting the privacy or security of that data. Policymakers must be proactive in explaining the value of student data to the public.

More transparency = More trust. Building support for quality data use is not possible without transparency. States ought to go above what is required by most current laws to build trust between parents and schools on data privacy. State boards, for example, can ensure the accessibility of resources and information on data privacy.

Early adopters can shape second generation laws. Most states that passed student data privacy laws in the last two years based their legislation on Oklahoma’s Student DATA Act or California’s Student Online Personal Information Protection Act (SOPIPA). These early adopters are models for other states, and states should pay close attention to any bills that raise new privacy issues, such as model legislation the ACLU introduced earlier this year.

Clarify, revisit, and revise existing laws. Laws can and should be improved and enhanced. Policymakers should continue to examine and revise laws to ensure they adequately balance privacy and data use in education and ensure implementers fully understand policymakers’ intent.


Student data privacy legislation can cause unintended harms. It is essential for all data privacy legislation to be vetted with a fine-toothed comb for vague or problematic language that may unnecessarily restrict the positive use of data. State boards are ideally placed to review bills before they pass.

Training on data use and privacy is essential. Anyone who handles data should know how to protect those data. Although more than 300 bills have been introduced over the past two years on data privacy, few mention training. Policymakers must ensure that each state has training laws and policies and identify resources to make training feasible.

“Data privacy will be ever more important as education becomes more personalized and dependent on technology,” Vance wrote. “By taking advantage of the current spotlight on privacy and using it to make positive changes that balance privacy and good data use, state boards can improve education and create a system where the appropriate use of data can help all children succeed.”

Reach the reporter at and follow her on Twitter @clestch and @edscoop_news.

Latest Podcasts