Recent increases in data privacy awareness have come not a minute too soon, as the higher education ecosystem finds itself in critical discussions about data security as the number of compromising attacks continues to rise.
Two years ago, it would have been difficult to imagine the level of complexity in a university’s infrastructure and network operations that exists today because of the pandemic’s immense influence on higher education.
Usage of education technology has increased dramatically, helping higher education to continue to educate their students virtually but putting them under the spotlight of users and regulators alike. Students and families want to know that they can trust their institutions to keep personal information safe as the adoption of new technologies increases.
While higher education technology teams continue to evaluate the right actions to protect their institutions, the following best practices may be helpful to consider.
1. Operating with transparency around data utilization creates trust with students and staff.
Institutions have seen a recent surge in criticism from users, including students and student organizations, around the various education technologies that penetrate the overall higher-ed experience. One of the most important ways to address this criticism is through transparency. Personalization, data analytics and data privacy do not have to be mutually exclusive.
They can coexist if designed with privacy in mind. When implementing a new tool that collects student data, institutions should consider providing the right level of visibility for users into what this technology is and what type of information it collects. Colleges and universities can also communicate to students how they are approaching new technologies with a privacy-first perspective to create peace of mind and a sense of confidence in their level of trust with the chosen vendor.
2. Establishing formal vendor risk assessment processes will help detect technology vulnerabilities and access points.
The procurement process for both renewals of existing software and the adoption of new technologies has traditionally focused more on capabilities and less around safeguards for security and privacy. To combat any potential data vulnerabilities when adopting new solutions, institutions are increasingly conducting in-depth reviews of all components that interface or have access to student and faculty information.
