Skip to Main Content
Best practices Security & Privacy

Steps Canadian schools can take today to better protect student data

August 25, 2023 Sriram Seshadri

While Canadian educators are calling for better safeguards in data privacy, there are actions that schools can take right now. Clever’s Director of Security provides recommendations for vetting vendors and building a culture of cybersecurity within Canadian schools.

As Canadian educators start the 2023-24 school year, they’re speaking out on one of the most important issues to come out of the COVID-19 pandemic: data security. In July, both the 365,000-member Canadian Teachers’ Federation (CTF) and the regional Alberta Teachers’ Association issued strong, clear statements about the imperative to protect student information from what the CTF called “unchecked monetization.” Both statements call on policymakers to pass legislation preventing edtech companies from selling the data they collect to third parties. 

But as schools look to implement better safeguards for student data privacy, it’s critical to ensure cybersecurity is embraced comprehensively – with commitment not just from lawmakers but at every level of school systems, from individual teachers and staff to leadership.  

A 2023 study by researchers from the University of Chicago and New York University underscored the serious lifelong impacts data breaches can have on students, highlighting why robust cybersecurity measures are essential to safeguard student privacy amid the rapid increase in edtech. Compounded by several recent incidents in Canada, it’s imperative that cybersecurity and student data privacy remains at the forefront of ongoing conversations. 

Protecting student data: What can schools do right now?

One solution for schools outside of legislation involves carefully vetting the privacy policies of edtech companies, something that was impractical during the mad rush in March 2020 to transition to in-person learning. This requires that school systems perform privacy impact assessments of all tools being used within the system — and, ideally, performing this assessment before implementing a given solution.

Administrators should work with companies to ensure that there are necessary controls to reduce privacy violations and data security. Many edtech companies, including mine, only partner with platforms that have agreed to abide by relevant laws and the company’s rules about data collecting and sharing. 

When evaluating potential edtech partners, there are a few key steps schools can take:

  • Closely review vendor privacy and security protocols. Ask detailed questions about data encryption, access controls, breach responses, logical segregation and other safeguards.
  • Establish clear vetting standards tailored to your school’s policies and priorities. Rigorously evaluate each vendor against those benchmarks for the data they are handling.
  • Conduct ongoing monitoring, reassessing vendor relationships at least annually. Check policies for changes, audit data flows, and re-verify controls as risks evolve.

But vetting edtech vendors is only one part of the solution. Truly securing student data requires engagement across the entire school community. Cybersecurity cannot fall solely to IT staff—it must become a shared priority through training and open conversations that empower all stakeholders

We encourage schools to engage community voices in open discussions about cybersecurity risks and collectively build layered defenses through informed and vigilant staff, training, and technologies like multi-factor authentication. Activating the whole school is key, as cybersecurity is too critical and widespread an issue to silo. 

With collective action across all levels, schools can help safeguard both student privacy and continued learning amidst the growing role of edtech.

More to read

Enhancing K-12 cybersecurity: Clever unveils Classroom MFA

July 12, 2024

Enhancing K-12 cybersecurity: Clever unveils Classroom MFA

In the ever-evolving landscape of digital education, cybersecurity has become a paramount concern, especially for K-12 schools. Today, Clever, a leading platform that ensures secure digital learning for over 100,000 schools, has taken a significant step forward by announcing the launch of Classroom MFA. This innovative multi-factor authentication solution is uniquely tailored to meet the specific needs of K-12 education environments.

5 Insights into Classroom MFA: A Message from Mohit, Director of Product

June 21, 2024

5 Insights into Classroom MFA: A Message from Mohit, Director of Product

In an interview with the hosts of the K12 Tech Talk podcast, our Director of Product provides the answers to questions about Classroom MFA.

New survey from Clever finds technology integration as a top classroom challenge for teachers
Company Districts

June 21, 2024

New survey from Clever finds technology integration as a top classroom challenge for teachers

Clever’s latest surveys find opportunities to make Learning Management Systems and edtech applications work better together. SAN FRANCISCO, June 21, 2024 /PRNewswire/ — Clever, the platform providing secure, seamless access to learning applications for 100,000 schools worldwide, released findings on the impact of data incompatibility on classroom learning and teacher experience. In internal surveys conducted from October 2023 through April 2024, […]

Subscribe to our Cybersecure K-12 Newsletter to receive exclusive insights to safeguard school data.

This field is for validation purposes and should be left unchanged.