Today I attended a Privacy & Information Management session in London which was a good learning experience.
The session began with an opportunity to to view some of the 8 training videos that have been prepared for use in Ontario school Boards. The video series was designed for 3 target audiences: teachers, administrators and IT staff. Key areas of best practice addressed in the videos included:
- physical documents
- office practices
- classroom practices
- digital data
- server locations
- implications of outsourcing storage
- laptop and USB key use
- destruction of digital data (hardware recycling)
- visual privacy
- use of cell phones, smart phones, digital cameras and video recorders
- guidelines for posting content on Board sites as well as uploading to public internet sites
Following the preview of the videos, the balance of the day provided opportunities to review strategies for implementation of Privacy and Information Management strategies and further discussion of the 3 areas identified above. I found the discussion rich and in depth. My note taking included the following points:
- laptop setup should include a BIOS level password, OS password and an encrypted area to store confidential data
- recycling of hardware must include data destruction on the hard drives
- prevent the use of peer to peer sharing tools such as Kaza and Limewire
- enforce password format and change policies
- key corporate level data stored locally where you can control access (information knows no boundaries)
- store email in a centrally hosted system
Key implementation strategies should:
- create a culture of awareness
- update and/or write policies to reflect needs and goals
- sustain energy and interest in this area (it is not a one time item)
- make best practice strategies relevant to key user groups (teachers, admin, support staff etc.)
- be shared as a team, this is not just one person’s torch to carry.
Drifting off a little as I was sitting in the sessions, my mind was flitting to other connections. After all, creating a culture of P & I Management awareness is connected to Digital Citizenship. In some ways, there are interconnected tensions between privacy culture, digital citizenship, suitable access to K12 content for curriculum delivery (content filtering/open internet) and copyright. Somewhere in the middle of all of this is a sweet spot – establishing the required culture is the challenge. I am looking forward to my involvement on our team.
Privacy Commissioner of Canada
Information and Privacy Commissioner of Ontario
One thought on “Moving the K12 privacy agenda forward”
“store email in a centrally hosted system”
Does this mean Google for Educators is out of question?
I’m very interested in chatting with you about PIM and social networking tools:)