- Surveys & Programs
- Data & Tools
- Fast Facts
- News & Events
- Publications & Products
- About Us
- 3-1 An Example of Classifying and Categorizing Education Record Contents by a State Education Agency
- 3-2 An Example of a School District's Brochure about Record Maintenance and Policies
Suggested Audiences:
- State education agency staff
- School district staff
- Program and support services staff
- Technical staff
When you are asked to answer questions about your child or your family, do you wonder how the person asking the questions will use the information and what would happen if you gave the wrong answers? Everyone is concerned about releasing personal information to a stranger, and everyone wonders just how many people will see the responses.
School systems must have information about their students if they are to make appropriate decisions about educational and support programs. From the time a child enters school, records begin to follow the new student. Besides the information provided by the student or parent, such as basic enrollment and immunization status, school staff create a paper trail to describe the student's educational program, extracurricular activities, and other relevant experiences. Deciding what data to gather along the paper trail requires careful consideration of what information is needed by the school system and how best to collect it. In addition, however, the school system should take into consideration the concerns of students and their families. The principles in this section should be considered no matter who collects the data or how and why the data are collected about students.
How do I decide what information to collect about a student?
A. You can check state and local laws and regulations as well as school board policies for the types of information you are required to collect. Other than these requirements, agency or school staff should carefully consider the needs for the information against the costs and burden of collecting it. See Section 3, Guidelines A and B.
Must I have permission from the parents to give an achievement test to a student?
A. Permission from parents is not usually needed for achievement testing unless state or local policies related to obtaining parental permission already exist. In general, you should inform parents of the purposes and uses of testing and whether it is mandatory. See Section 3, Guidelines B; also see discussion of the Protection of Pupil Rights Amendment (PPRA) in Section 2, Guidelines C.
How responsible am I for the accuracy of the student data I receive?
A. In general, data collectors are more ethically than legally responsible. You can promote the accuracy and integrity of the data in several ways. See Section 3, Guidelines D.
When can I destroy student records? When not?
A. Agencies or schools may establish their own policies, based on federal and state legal requirements, to determine the length of time records or portions of records are kept. See Section 3, Guidelines F. However, you may not destroy a record if there is a pending request to review it. See Section 5.
Can I use social security numbers to identify or match education records?
A. Yes, you may use social security numbers if your state has no prohibition against using them. However, you may not require students to provide them. It is important for you to inform students or parents if agencies or schools intend to use these numbers. See Section 3, Guidelines E.
A. Determining the Agency's Student Data Needs and Uses
Usually, data are collected because they are:
- Required by laws or regulations
- Used to promote the efficiency and effectiveness of the agency
- Used to aid in the placement of students
- Needed for accountability and funding decisions
- Used to determine student progress and student needs
- Operations
- Instruction
- Management
- Research and evaluation
- Accountability
When data about students are aggregated, information may be used for program accountability and funding decisions. Each piece of information included in an education record should represent a clear and important need for obtaining and recording that information. Schools, school districts, and state education agencies may need student data for the following major administrative purposes:
- Operations--Schools and districts need data to ensure the efficiency of their daytoday functioning. For example, schools must maintain attendance records, handle students' health problems, and operate transportation and food service programs. Personally identifiable data are needed for such operations.
- Instruction--Teachers and other staff members also need student-level information to ensure that students receive appropriate instruction and services. For example, teachers need to know how to contact parents, and they need information about a student's previous educational experiences and special needs to help plan instruction. Counselors need to know what courses students have taken in order to plan their educational programs. Personally identifiable data, thus, are needed for instructional decisions.
- Management--Schools, districts, and state education agencies use data about students to assist in the planning and scheduling of educational programs and the distribution of resources (e.g., fiscal, staffing, and materials). Management functions generally do not require personally identifiable information. However, data should be maintained at a specificenough level that required distinctions (e.g., how many children qualify for certain programs) can be made.
- Research and Evaluation--Schools, school districts, and state education agencies conduct analyses of program effectiveness, the success of subgroups of students, and changes in achievement over time to identify effective instructional strategies and to promote school improvement activities. These data may or may not be personally identifiable.
- Accountability--Answering the questions of parents, policymakers, and other participants in the education enterprise about students' accomplishments and the effectiveness of schools has become an important function of data collected by schools. Reporting functions generally do not require personally identifiable data. However, some personally identifiable data are needed in order to carry out longitudinal analyses that may be crucial in assessing a program's effectiveness.
B. What Information Can Be Requested about Students?
In general, schools and education agencies are not restricted in what they may request about students; this is determined by state laws and regulations, the policies of the school, district or state education agency, and the professional ethics of staff. However, federal law (i.e., PPRA) does specify several types of questions that cannot be asked without prior consent of the parents. See Section 2, Guidelines C for a detailed discussion. A good practice is to collect and maintain in the education records only those data for which a clear and specific purpose has been identified.
In deciding what data can be requested from individuals, you must consider several important and practical factors. Data collection can be a burden on the data providers if too many questions are asked or the completion of the form is too time consuming. If the way in which questions are asked makes it unclear what information is requested, the accuracy of the data may be undermined. An important rule of thumb in data collection is that the data need should outweigh data burden and collection problems. Justification for data collection should state what methods will be used to guard against non-response, inaccuracy, and privacy intrusion. A good resource to use in deciding what information to collect is the Standards for Education Data Collection and Reporting, published by the U.S. Department of Education's National Center for Education Statistics in 1991.
C. Classifying Data Elements or Record Sensitivity
It is good practice for you to have a written policy describing what parts of education records are sensitive and exactly which data elements may be released as directory information and which ones may be released to different types of staff members. The California Department of Education has produced several sets of internal policies and guidelines regarding classifying data sensitivity and access. Exhibit 3-1 summarizes these policies and guidelines. You could cover some of the following areas in creating your written policy.
Each data element to be maintained about an individual student should be classified as to whether it is a part of the directory information (subject to public release), a part of the transcript information (will be released in a student's transcript if he or she transfers to another district or applies to a postsecondary education institution), or is supplemental (all the other information collected, e.g., bus route and class schedule). This can be noted for each data element in a data dictionary for an automated student information system. For paper records, there may be a notation accompanying the item on the collection form.
Within the agency, certain staff members may be allowed access to information on individual students based on a legitimate educational interest, or the staff's need-to-know. It is a good idea to classify each data element according to the type of staff member who may have access. Most persons with a need-to-know must have the information to make instructional or other support decisions. Some other persons will be involved in the collection or the maintenance of data, and will therefore have access to the information contained within the record (e.g., the school secretary). In Section 4, we discuss the federal requirement to establish guidelines for determining who has a legitimate educational interest. You can design maintenance procedures, which we also discuss in Section 4, to limit access according to this policy.
The written policy may include a description of how parents and students (over age eighteen) are to be informed about what types of data are kept in the education records. The policy may alsospecify whether data are considered a part of directory information, the education record or transcript information, or the supplemental record for use only within the school or agency. The written policy may also note that certain types of data are not considered a part of the education record and are not subject to inspection by the student or parents (e.g., personal notes maintained by a teacher or a substitute in a location separate from the official education records, or personal notes written by a school counselor that are not shared with anyone else). Exhibit 3-2 contains an example of a school district's notification policy. This brochure not only notifies parents of their rights, but also disseminates information about how the school district maintains records.
D. Ensuring Data Integrity and Accuracy
Data collectors may promote data integrity and accuracy through two efforts:
- Making sure data providers understand the importance of the data
- Designing the data collection activity and training survey staff to respect the dignity of the respondents
Two issues are important in ensuring data integrity and accuracy. The first is the degree to which the data provider (usually the student or parent) supports the data collection. It is important for students and their parents to know if the data being requested are required by law or for the purposes of ensuring that certain services can be received by the child. They need to understand when failure to provide accurate and complete data may result in the denial of benefits (e.g., immunization records required to enroll a child in school). For most data elements or data collection forms, you should inform students or their parents about why the data are important and how they will and will not be used. Written assurances of data confidentiality often alleviate concerns and elicit more cooperation, but not in all cases. You should be prepared to respond openly and thoroughly to hard questions raised by parents and privacy advocates.
A second issue that can affect data integrity and accuracy is the design of the data collection activity and the training provided to data collectors. Training is important for all staff who might be involved in collecting student information, regardless of the purposes. Such staff may include teachers, school secretaries, school nurses, guidance counselors, principals, and evaluators. Areas that should be included in staff training are:
- The distinction between collecting data that are mandatory and those that are voluntary; and the options of the student or parent regarding provision of the data (e.g., what services might be missed, such as free meals)
- The ethical and legal responsibilities of staff to prevent unauthorized use or disclosure of data
- The ways staff can obtain explanations or other help while collecting the data
E. Assigning and Using Unique Identification Codes
Using unique identification codes would:
- Allow the records to follow the correct students when they move within the state
- Provide the flexibility of merging data from different files to promote efficiency without threatening privacy
Many schools and school districts assign a unique sequential identification number or code to each student when he or she enrolls in school. Unique identification codes help to distinguish between students with similar or identical names and other characteristics.
However, the uses of the code are often determined by its source. Some state education agencies assign a set of sequential identification numbers for schools or school districts to use so that the identification number of a student is unique within the state. Other schools, school districts, and state education agencies adopt an algorithm for assigning unique identification codes. These algorithms generally include some combination of letters and numbers taken from the student's last name, first name, date of birth, and place of birth. The code may also incorporate a number for the agency or school. Such an identification code may be sufficient if students stays within the school or agency for their entire school career. If the student moves, however, the receiving school may assign a new identification code rather than track down the student's previous code.
Social security numbers are used in many cases as an identifier. The social security number has the advantage of being unique to students and does not change when they move to another city or state. While federal law restricts the use and release of social security numbers, it does not prohibit schools from asking for the number. Specifically, schools can ask for a child's social security number but cannot require it, and schools must inform parents that they do not have to provide the social security number. Schools also cannot deny any right, privilege, or benefit to students or their parents who refuse to disclose a social security number. Schools that use social security numbers should be prepared to issue an alternative code in case of such refusal.
Schools, school districts, and state education agencies cannot release the social security numbers of students because this is considered personal information. A more thorough discussion of the use of social security numbers is included in Education Data Confidentiality: Two Studies, a report of the National Forum on Education Statistics, National Center for Education Statistics of the U.S. Department of Education in 1994.
You should consider several things about using social security numbers. The social security number is unique to individuals no matter where they live. It is useful across schools, districts, and states. Using the social security number thus can make it easier for schools to locate the appropriate transcript or student information when they receive a request. On the other hand, parents may not recall the social security number for their children, or may give a wrong number, such as their own. It is difficult and time consuming to check the accuracy of a social security number.
Since social security numbers are used to maintain confidential information by other agenciesoutside the education system, it is crucial to ensure that no one gets illegal access to the numbers. Security is far more important with social security numbers than locally assigned identifiers. Even if the social security number is used to maintain education records internally, agencies may want to assign another number for the identification card of a student or for school use, and restrict the use of the social security number to very limited purposes.
F. How Long Should Data Be Maintained?
Many states have legal requirements defining how long education records must or may be kept. There may also be federal requirements for how long some data should be maintained. School districts should have more specific policies noting exactly which data to store and how long data should be maintained. For instance, transcript information for high school completers is often kept active for a fixed length of time, such as five to ten years. In the past, such deadlines were helpful because there was limited space to save paper files. With computer files, space is no longer as significant a problem, and student transcripts may be kept active even longer. Two recommended components to include in a school or district data policy are a listing of what data elements are included in the high school transcript or education record (sent with students when they move) and a time period for how long these records will be maintained.
Other types of data (e.g., afterschool care arrangements or extracurricular activities) may not be needed after a certain period of time (e.g., one year or after a student has left the school.) It is a good idea to include in a written data policy an indication of which data elements will be expunged from education records and when they will be deleted.
Finally, there are some data that a school or agency may want to expunge to protect the student. Disciplinary actions are an example; state law or local policy usually governs these cases.
Far West Laboratory. 1993. Privacy of student records. San Francisco, CA: California Student Information Services (CSIS) Project.
National Center for Education Statistics. 1991. Standards for education data collection and reporting. Washington, DC: National Center for Education Statistics.
National Forum on Education Statistics. 1994. Education data confidentiality: Two studies. Issues in education data confidentiality and access; and compilation of statutes, laws, and regulations related to the confidentiality of education data. Washington, DC: Government Printing Office.
Saint Paul Public Schools. Student records and your rights. Saint Paul, MN: Saint Paul Public Schools.
State of California, Department of Finance. 1992. Office of information technology security and risk management guidelines, Section 6. Sacramento, CA: Office of Information Technology.
For questions about the content of this product, please contact
Lee
M. Hoffman.
