1. U.S. Department of Education Safeguarding Student Privacy Melanie Muenzer U.S. Department of Education Chief of Staff Office of Planning, Evaluation, and Policy Development

2. Data is one of the four assurances in ARRA and is also fundamental to the other three. Raise standards and improve assessments. Recruit, retain & support effective educators, and ensure equitable distribution. Build robust data systems that track student progress and improve practice. Turn around low-performing schools, focusing on dropout factories and their feeder schools.

3. Our initiatives rely on high quality, timely data to inform decision-making and improve educational outcomes. Strengthen Transparency and Increase Accountability Improve Instruction and Programs Empower Families Protect Student Privacy

4. New U.S. Department of Education Initiatives to Protect Data Privacy Provide a one-stop resource for SEAs, LEAs, and the post- secondary community regarding data privacy, confidentiality, and security practices in education databases. Privacy Technical Assistance Center Clarify how States can effectively develop and use data in Statewide longitudinal data systems while ensuring protection of individual privacy. FERPA Notice of Proposed Rulemaking Release a series of technical briefs providing guidance on privacy issues such as data stewardship, electronic data security, and statistical methods for data protection. Technical Briefs & Non-Regulatory Guidance Create a new senior advisor position at ED to work on all privacy policies and programs, including overseeing FPCO and serving on the PTAC advisory board. Chief Privacy Officer Evaluate process improvements for the Family Policy Compliance Office to expand technical assistance and resolve complaints. FPCO Process Improvements Solicit external suggestions on ways ED can address emerging challenges in protecting student data in data systems. Post your input on www.ed.gov by August 13 th.www.ed.gov Privacy Recommendations for Public Input

5. Privacy Technical Assistance Center (PTAC) Request for Information: https://www.fbo.govhttps://www.fbo.gov Develop coordinated guidance and communication about privacy, confidentiality, and security measures Communicate to stakeholders about outreach activities and changes to requirements, practices, and regulations Facilitate SEAs, LEAs, and postsecondary institutions sharing lessons learned surrounding privacy matters Create training materials on privacy, confidentiality, and security issues Offer virtual and in-person settings for collaboration Provide “one-stop” capability to share policies and practices with education data systems professionals Share lessons learned about privacy protection practices from other government agencies and industries

6. Technical Briefs ED is launching a new series of technical briefs on various aspects of the protection of personally identifiable information in student education records. Basic Concepts and DefinitionsData StewardshipElectronic Data SecurityStatistical Methods for Data ProtectionWritten AgreementsTraining Staff on Security Rules and Procedures

7. Chief Privacy Officer ED is creating a new Chief Privacy Officer position at the Department to be responsible for : ED’s compliance with and advice on federal laws, regulations, and policies related to information privacy Advising on privacy policy including legislative language, regulations, and non-regulatory guidance Advising ED offices on inclusion of privacy, confidentiality, and data security requirements in policies and programs Oversight of the Family Policy Compliance Office Training ED employees and contractors on privacy

8. Family Educational Rights & Privacy Act Frequent FERPA concerns heard by ED ED needs stronger enforcement authority ED needs to clarify what data sharing is permissible to comply with the American Reinvestment and Recovery Act and the America COMPETES Act Releasing new documents from FPCO FERPA NPRM Revised Frequently Asked Questions on FERPA Guidance on the disclosure of student information related to emergencies and disasters as permitted by FERPA Guidance on the applicability of FERPA to surveillance videos at schools

9. Family Educational Rights & Privacy Act Issued June 2010 Addresses disclosure of education records to outside parties when responding to emergencies, including natural or man-made disasters. The exceptions to FERPA’s general consent rule that may be applicable and that are discussed are – - Directory Information - Health or Safety Emergency - Judicial Order or Lawfully Issued Subpoena Issued June 2010 Addresses disclosure of education records to outside parties when responding to emergencies, including natural or man-made disasters. The exceptions to FERPA’s general consent rule that may be applicable and that are discussed are – - Directory Information - Health or Safety Emergency - Judicial Order or Lawfully Issued Subpoena http://www2.ed.gov/policy/gen/guid/fpco/pdf/ferpa-disaster-guidance.pdf

10. FPCO Process Improvements ED is investing in the Family Policy Compliance Office at ED to expand the technical assistance available to the public and to be able to resolve complaints more quickly. Hiring outside consultants to advise on new guidance Improve internal processes to increase efficiency Revise the complaint form for parents and students and post it online

11. External Privacy Recommendations for ED Full recommendations are available online at: http://www.ed.gov/blog/2010/06/data-security-and-privacy- protections/ Read the blog comments, post your own! Overarching Recommendations Define Data Collection Purposes and Align Security and Privacy Implementation Practices Develop and Evolve a Dynamic Privacy Knowledge Base Provide Guidance on Incident Response Plans Create a Leadership Dashboard Space to Enhance Decision- Making