Skip Navigation
Forum Guide to Protecting the Privacy of Student Information: State and Local Education Agencies

Section 4: Securing the Privacy of Data Maintained and Used Within an Agency


Many school administrators are concerned with breakdowns in the security of their records systems. One administrator might agonize about the file cabinet key being stolen from the school secretary’s desk when he or she is at lunch. Another might worry about students breaking into the automated management information system to change their grades. Still another might cringe at the thought of certain student information being released to the media. These situations could happen anywhere, in public or private schools, school districts, intermediate service units, or state agencies, regardless of the sophistication of the records systems.

The No Child Left Behind (NCLB) Act has heightened the involvement of state education agencies in providing data, thus increasing their responsibilities in maintaining individual student data and safeguarding their privacy. Maintaining the privacy of personally identifiable data about students requires clear policies to restrict who has access to data and how the data are used. This section describes some of the considerations in deciding who can review and use student data, what are legitimate uses of data, and what security will be needed to protect against inappropriate access.


  • Discuss how to consider providing access and use
  • Determine “legitimate educational interest”
  • Discuss how to protect against inappropriate access

Key Points

  • An official designated as the data steward should be responsible for keeping individual records safe and intact from accidents, unauthorized access, theft, changes, or unintentional release.
  • A security risk assessment is important to identify the assets of an agency, potential threats to those assets, vulnerable points in an agency, probabilities of threats striking a vulnerable point, and cost estimates of losses should a potential threat be realized.
  • It is more practical to establish criteria for determining broad categories of positions than to list exactly who or what individual positions are considered to be “school officials.”
  • While agencies or schools may establish a policy to determine what constitutes “legitimate educational interest,” the decision also may be made on a case-by-case basis.
  • It is important to train all staff in information security as soon as they are hired. They should know what is considered appropriate and inappropriate access to data and use of the information within the records.
  • Existing professional standards are invaluable resources to support policymaking and training.
  • It is important to determine each time whether the staff assigned to conduct the research are trained and authorized to access the data. An alternative approach is to sidestep the question of security by creating a research file deleting the students’ identifying information.
  • Equally important are detailed procedures for records retention and disposal, as determined by an agency’s needs and legal requirements. Inappropriate disposal methods also threaten the privacy of the records.