5 Data Privacy Steps Your School Can Take Before Spring Break

5 Data Privacy Steps Your School Can Take Before Spring Break

As schools across the country prepare for spring break, the Fisher Phillips K-12 Education Practice Group has five data privacy steps you can take before you pack up so you can have fun in the sun without worrying about this critical topic.

1. Store files and records: Although printed materials are becoming less common, they do still exist. Before you hit the road for your spring break holiday, make sure that any notes containing students’ personal information, records of performance, donor information, sensitive employee documentation and the like are securely locked away. Many schools bring in outside contractors for deep cleaning and repairs while school is out of session, so it’s important that desks and workspaces are free of sensitive data.

2. Leave the laptop at home (if you can): Threat actors can exploit security vulnerabilities while you’re traveling. Public WiFi networks are often not as secure as the ones we use at work and at home, and electronics are attractive targets for thieves. If you’re able to travel without devices that contain private information, it’s best to do so.

3. Separate social media: We all love posting our spring break adventures, but mixing business and pleasure invites security risks. If you have a public-facing social media account for your school, it should be separate and distinct from your personal accounts. Limit the crossover in connections between the two, as threat actors can use your friends lists to piece together a network of your colleagues and students – giving rise to more security issues.

4. Don’t discuss the details: It can be tempting to talk to friends and family about what happens at work, but when you’re dealing with schools, you must consider enhanced privacy protections. Revealing personal information about students or their families, donors, and employees can create significant legal liabilities, so it’s best to exercise discretion when “shop talk” comes up.

5. Reflect on opportunities for improvement: Spring break should be exactly that – a break. But, if your school has recently experienced a data privacy incident, it can also provide a good opportunity to contemplate lessons learned and what to improve moving forward without the demands of day-to-day campus life. Designing, developing, and deploying proactive data protection policies and procedures can insulate your students and staff from future issues.

Conclusion

For more than 25 years, Fisher Phillips has helped educational institutions navigate education-related challenges. We understand your culture, community, and regulatory landscape, so we deliver practical, proactive solutions without a learning curve. We stand ready to partner with you and hope you have a restful and restorative spring break!

If you have any questions, please contact your Fisher Phillips attorney, the authors of this Insight, or any attorney on our K-12 Education Team or our Privacy and Cyber Team. Make sure you are subscribed to Fisher Phillips’ Insight System to get the most up-to-date information.