Hi Katie,

We just had our Student Data Privacy and Security Policy approved by the School Committee last month. You are welcome to use as much (or as little) as you find helpful. The policy is "4110-5000 Student Data Privacy and Security Policy" posted at http://www.smithfield-ps.org/policies.

It was a very long process that involved our 1 to 1 Implementation Committee, our Ad-Hoc Policy Committee, our Special Education Attorney, and our district attorney. In writing our draft, we looked at the following resources:

U.S. Department of Education website, “Family Educational Rights and Privacy Act (FERPA)”, http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html

U.S. Department of Education, Privacy Technical Assistance Center (PTAC) website, http://ptac.ed.gov/

Federal Trade Commission, Bureau of Consumer Protection website, “Complying with COPPA: Frequently Asked Questions”, http://www.business.ftc.gov/documents/0493-Complying-with-COPPA-Frequently-Asked-Questions

Federal Communications Commission website, “Children's Internet Protection Act”, http://www.fcc.gov/guides/childrens-internet-protection-act

Family Policy Compliance Office website, “Protection of Pupil Rights Amendment”, http://familypolicy.ed.gov/ppra

The Consortium of School Networking (CoSN), “Protecting Privacy in Connected Learning Toolkit”, http://cosn.org/privacy

iKeepSafe website, “Digital Compliance and Student Privacy: A Roadmap for Schools”, http://www.ikeepsafe.org/educators_old/digital-compliance-and-student-privacy-a-roadmap-for-schools/

There is a brand-new Student Data Principles initiative, http://studentdataprinciples.org/the-principles/ that has some terrific information that would have been extremely helpful when we were putting together our draft.

Hope this helps

Paul

At the time we were writing our Draft Policy, the Student Privacy Pledge hadn't yet been supported by President Obama, so there wasn't much momentum. Now that vendors have been getting on board, we have added "badges" to our Apps Privacy page to indicate the vendors that have signed, http://1to1.smithfield-ps.org/privacy/apps-privacy

I had met Adam Seldow from the Chesterfield County Public Schools at a SchoolCIO Summit last summer and he had presented on how his district was being transparent around student privacy. I was impressed with his approach, so we built upon what he had done. Our parents seem to like that we list and link to the various vendors' Terms of Service and Privacy Policies.

Regarding Google Apps for Education, we specifically addressed the most common questions and concerns from parents in our presentations at each school. We also published the presentation online for any parents that could attend any of the meetings. You can find the presentation at http://goo.gl/Jc2CnJ .

The other thing be very careful about with Google Apps for Education is to only enable the services for students that are covered under the GAFE Terms of Service. Currently, those are Mail, Calendar, Groups for Business, Hangouts/Talk, Drive, Sites, Contacts, Vault and Classroom. We setup our OU structure so that we needed to manually turn on any additional services specifically for staff OUs to prevent student OUs from accidentally having access to apps and tools not covered in the TOS. Amplified IT did a nice job presenting on this topic at the RI GAFE Summit. We may want to offer something similar through RISTE, even as a webinar.

Paul