As education researchers and evaluators, data security is mission-critical for us. That’s why we’re committed to the strongest possible data security policies and practices to ensure the confidentiality of student and teacher data. Just like larger firms, we adhere to a detailed Data Confidentiality Policy that keeps us in compliance with FERPA and related federal and state guidance. But we go a bit further, so we thought we’d share how we think about protecting student data and some of the practical steps we take to do so.
Arroyo Research Services evaluators are committed to a set of principles that guide our policies and decisions regarding data security:
- Each of us has a responsibility to protect the personal data in our possession.
- Data and data analysis should always serve students and educators for the purpose of improving student education.
- We do not publish identifiable student or teacher data. Ever. We do not report identifiable student data to clients.
- We prefer not to have identifiable student data.
- Protecting student data is equal parts publishing practice and data security practice. Data belongs to the client.
- FERPA is the law. We support it. We follow it.
That said, it is sometimes necessary (and legal) to use identifiable data in order to properly link data from disparate sources, such as student program participation, teacher assessment of student progress, and student self-reported survey information. In these instances, we aggressively protect and then destroy identifiable data as soon as it has been used for its intended purpose.
Practical Data Security
Acting on these principles involves firm-wide practices. These are established through our choice of systems and technologies, as well as the procedures we follow. Among them:
- Every employee and contractor operates with a signed confidentiality agreement.
- All professional staff are trained in the protection of human subjects in research.
- We do not send or receive data by email.
- We counsel clients and partners not to send data by email.
- Because we prefer not to have identifiable student or teacher data, we counsel clients on replicable ID scrambling strategies.
- We prefer SFTP for data transfer, but we also use whichever secure transfer method a client prefers or has approved.
- We enforce two-factor authentication, strong passwords, encryption of data at rest, and need-to-know access for cloud-based storage.
- Identifiable student data is archived and destroyed on a schedule appropriate to each project, using specific protocols for digital and hard-copy files. While hard-copy destruction is more fun, digital destruction requires more vigilance.
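To make the "replicable ID scrambling" idea concrete, here is an added example (written for this page, not Arroyo's own tooling or procedure) of one such strategy: the client replaces each student ID with a keyed HMAC-SHA256 token before any data leaves their hands, and keeps the secret key. The same raw ID always yields the same token, so records from separate sources (here, a constructed program-participation roster and a constructed survey file) can still be linked, while the evaluator never sees or stores an identifiable ID. The records, the project label, and the helper names are all constructed assumptions for the illustration.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Dict, List

# Constructed sample data standing in for two sources that must be linked.
# In practice the client holds both the raw IDs and the secret key; the
# evaluator receives only the tokenized files.
PARTICIPATION: List[Dict] = [  # program participation roster (constructed)
    {"student_id": "S-001042", "program": "tutoring", "hours": 18},
    {"student_id": " s-001043 ", "program": "tutoring", "hours": 6},  # messy casing/whitespace
    {"student_id": "S-001044", "program": "mentoring", "hours": 12},
]
SURVEY: List[Dict] = [  # student self-report survey (constructed)
    {"student_id": "S-001042", "engagement": 4},
    {"student_id": "S-001044", "engagement": 3},
    {"student_id": "S-009999", "engagement": 5},  # surveyed but not in the program
]


def make_pseudonymizer(secret_key: bytes, project_label: str) -> Callable[[str], str]:
    """Build a deterministic, non-reversible ID -> token function.

    The key is generated and kept by the client; the project label keeps tokens
    from being linkable across projects that happen to share students.
    """
    if len(secret_key) < 32:
        raise ValueError("use at least 32 random bytes for the key")

    def pseudonymize(student_id: str) -> str:
        # Normalize so the same ID written slightly differently still links.
        normalized = student_id.strip().upper()
        message = f"{project_label}|{normalized}".encode("utf-8")
        # 32 hex chars = 128 bits: plenty to avoid collisions, no raw ID inside.
        return hmac.new(secret_key, message, hashlib.sha256).hexdigest()[:32]

    return pseudonymize


def tokenize(records: List[Dict], pseudonymize: Callable[[str], str]) -> List[Dict]:
    """Return copies of the records with 'student_id' replaced by 'token'."""
    out = []
    for rec in records:
        rec = dict(rec)
        rec["token"] = pseudonymize(rec.pop("student_id"))
        out.append(rec)
    return out


def link_by_token(left: List[Dict], right: List[Dict]) -> List[Dict]:
    """Inner-join two tokenized files on the token (the evaluator's side)."""
    right_by_token = {r["token"]: r for r in right}
    linked = []
    for rec in left:
        match = right_by_token.get(rec["token"])
        if match is not None:
            merged = dict(rec)
            merged.update({k: v for k, v in match.items() if k != "token"})
            linked.append(merged)
    return linked


def contains_raw_ids(records: List[Dict], raw_ids: List[str]) -> bool:
    """Safety check: does any raw ID string survive in the output?"""
    blob = repr(records).upper()
    return any(rid.strip().upper() in blob for rid in raw_ids)


def demo() -> List[Dict]:
    key = secrets.token_bytes(32)  # generated and retained by the client
    pseudonymize = make_pseudonymizer(key, "project-2024-eval")  # label is constructed
    participation_t = tokenize(PARTICIPATION, pseudonymize)
    survey_t = tokenize(SURVEY, pseudonymize)
    return link_by_token(participation_t, survey_t)


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Two design points matter here. A plain, unkeyed hash would not be enough: student IDs come from a small, structured space, so anyone holding the hashed file could recompute hashes for every possible ID and recover them; the secret key is what makes the tokens non-reversible for the evaluator. And because the key lives only with the client, destroying it at the end of the project turns every token into a permanently unlinkable value, which lines up with the archive-and-destroy schedule described above.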