Skip to end of metadata
Go to start of metadata

Other Hot Topics: Cloud Computing Security | Cloud Data Storage Solutions | Community Based Security Awareness | Copier and Multi-Function Device Security | Full Disk Encryption | Managing Malware | Mobile Device Security | Social Networking Security

Version 1.0: October 2011

Statewide Longitudinal Data Systems: Security & Privacy Considerations

Statewide Longitudinal Data Systems (SLDSs) collect a vast range of information that can be both detailed and sensitive in nature (e.g., Social Security numbers, children’s pregnancies, mental health, illness, jail sentences, and family wealth indicators). However, some SLDSs may lack security and privacy protections commensurate with the sensitivity of the data they contain, and their policies and procedures for information-sharing among the agencies and entities authorized to access them may not always comply with Family Educational Rights and Privacy Act (FERPA) privacy requirements. Additionally, your state’s data breach standards may impose obligations on you for the handling of your institution’s data even after it has been incorporated into your state’s SLDS.

Why should the higher education community be interested in this? Although statewide longitudinal data systems began with a focus on the K-12 sector, states have rapidly turned to a “PK-20” or “PK-Grave” focus, with strong encouragement and grants from the federal government. Thus, in many states, ongoing SLDS efforts seek to implement systems capable of capturing, analyzing, and reporting student data at the individual record level from preschool through high school, college, and eventually, the workforce.

Sources: Children's Educational Records and Privacy: A Study of Elementary and Secondary School State Reporting Systems, a 2009 report by the Fordham University Center on Law and Information Policy (CLIP) and Hans P. L'Orange, John Blegen, and Tanya I. Garcia, “Improving Student Attainment Requires More from Higher Education Data,” EDUCAUSE Review, vol. 46, no. 5 (September/October 2011)

Security & Privacy Questions to Consider regarding SLDS

Institutions should consider the following questions regarding longitudinal databases to ensure privacy, transparency, and accountability. Note: This resource is intended for higher education IT staff (e.g., CIOs, CISOs, ISOs) or any other institutional departments that need to remain informed about the issues related to SLDSs (e.g., Institutional Research).

  • Does your state have detailed access and use restrictions for the longitudinal database? (These policies should be well-articulated and specific in nature; for example, they should define users, specify legitimate purposes of use, and limit access.)
  • Does your state require database users to enter into confidentiality agreements?
  • Does your state make information related to FERPA rights and obligations available and easily accessible on the Internet?
  • Has your state instituted clearly defined data retention policies and procedures? (States without these policies may be likely to hold student information indefinitely.)
  • Does your state outsource the data warehouse to a third-party vendor? There are several vendors used in the United States, and the service contracts they use are rarely the same.
    • From the 2009 CLIP report: “Third party processors of education records should have comprehensive agreements that explicitly address privacy obligations.”
    • From the 2009 CLIP report: “The vendors most frequently used throughout the states include: Infinite Campus, CPSI, eScholar, IBM, and ESP Solutions Group. With the exception of IBM, all of these vendors participate in the SIF certification program. This means that the data sets developed by these vendors will be interoperable. Infinite Campus, CPSI, and eScholar each offer systems that assist in data collection and offer services for data analysis. IBM is primarily used for data collection and storage services, while ESP specializes in data analysis and SIF compliance. Below is a summary of these major vendors and the products they are currently offering.”
  • Is Personally Identifiable Information (PII) data anonymized at the state level through the use of dual database architectures? (Some states may instead use unified database system with access restrictions.)
  • Does your state use a “unique student identifier” (USI) or a non-personally identifiable USI?
    • From the 2009 CLIP report: “An important element in ensuring the USI is an anonymous identifier to qualify for the permitted disclosure is whether state level employees can trace a USI to a specific student. Anonymity can only be accomplished when state level employees have no access to the linking key between the USI and the personally identifiable information, and no way to infer the identity of a specific student from the available data.”
  • Is the collection of information by your state minimized or limited to necessary information?
  • Is your state’s longitudinal database tied to an established audit or risk assessment process?
  • Does your state maintain audit logs of access to and use of the databases in an effort to prevent unauthorized data processing, improper access, or misuse?
  • Does your state make information about the database, its security, and the steps taken to maintain individuals’ privacy readily available and verifiable?
    • From the 2009 CLIP report: “Policies and procedures regarding the longitudinal database should be easy for parents and students to find, understand, and use.”
  • Has your state appointed a Chief Privacy Officer (CPO) within the state’s Department of Education? State CPOs help assure the respect for children’s privacy in education records and to oversee compliance with federal and state privacy laws.
  • Does your state’s Chief Privacy Officer publicly report privacy impact assessments for database programs, proposals, and vendor contracts?
States with Existing SLDSs

According to SHEEO, forty-four states (plus the District of Columbia) are currently collecting some type of longitudinal student data at the state level. View a complete list of state agency/entity profiles on the SHEEO State of the State Postsecondary Data Systems (SSPDS) website.

Additional Resources

Questions or comments? Contact us.

Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.

Labels:
state state Delete
statewide statewide Delete
longitudinal longitudinal Delete
data data Delete
systems systems Delete
security security Delete
privacy privacy Delete
heisc heisc Delete
educause educause Delete
slds slds Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.