Educational institutions at all levels have begun to realize that they hold a treasure trove of student-related information, that if analyzed using “Big Data” techniques, could yield valuable insights to further their educational missions. However, Big Data projects using student-related information can implicate significant privacy issues. The impact of applicable privacy laws and existing privacy-related policies should be taken into account well before engaging in a Big Data project. The following is a framework for analyzing high-level legal considerations and action items for educational institutions considering Big Data projects involving student-related information.
This code of practice from the UK Information Commissioner’s Office explains the rights of individuals to access their personal data and clarifies what data controllers must do in this regard to comply with their duties as set out in the Data Protection Act 1998.
This guide from the UK Information Commissioner’s Office offers data protection basics, information on the role of the ICO and key definitions in the Data Protection Act.
This guidance from the U.S. Consumer Financial Protection Bureau offers descriptions of activities that may warrant favorable consierdation from the bureau and aims to encourage activity that has concrete and substantial benefits for consumers and contributes to the success of the Bureau’s mission.
This set of FAQs from School Safety Partners addresses questions pertaining to the U.S. Family Educational Rights and Privacy Act, especially in relation to the disclosure of personal information during emergency situations.
This guidance from the BC Information Commissioner’s Office provides preliminary steps to responding to an information incident, including those involving personal information, and are intended to guide workers who encounter information incidents.
Nymity’s Data Privacy Accountability Scorecard is an evidence based, scalable framework for privacy offices to demonstrate accountability by monitoring, measuring and reporting ongoing privacy management activities in order to further realize benefits from their current investments in privacy management and from their future investments in privacy management.
A list of college-level institutions that have strong privacy curricula.
The National Conference of State Legislatures has compiled this list of U.S. state laws related to the privacy of Internet users' online activities.
This video from Intel aims to encourage employees to put greater importance on data privacy considerations using statistics on consumer trust and outlining how technology is driving the emphasis on protecting privacy protections.
This code of practice from the UK Information Commissioner’s Office is designed to help businesses collect and use information appropriately by drafting clear and genuinely informative privacy notices.
This paper from the CIO Council addresses various ways the Federal Government can use social media for information sharing, situational awareness, and to support agency operations, and the key considerations for each. The paper also explains privacy best practices for establishing a social media program, from pulling together an intra-agency team of experts to establishing internal social media polices and ensuring transparency of social media uses through published privacy notices and documentation.
This booklet brings together the key components of the OECD privacy framework, along with the supplementary documentation to provide context and explanation. The cornerstone of that framework is the revised Privacy Guidelines, which form Chapter 1.
These new guidelines constitute the first update of the original 1980 version that served as the first internationally agreed upon set of privacy principles and focus on the practical implementation of privacy protection through an approach grounded in risk management and the need for greater efforts to address the global dimension of privacy through improved interoperability.
This sample policy addresses the use of employee-owned personal computing devices to access, with certain limitations, the Company’s computing systems.
Page 2 of 10 pages < 1 2 3 4 > Last ›