Schools and school districts have always relied on service providers to help them make the best use of their data. And parents want data! In recent polling of parents across the country conducted by the Data Quality Campaign and the Harris Poll, 91% of parents polled who do not have information about whether their child is on track to graduate wish they did and 9 of 10 parents said they rely on data to understand how their child is progressing in school. Providing parents the data they want—and deserve—must always go hand-in-hand with keeping data private and secure. As the trusted partners of many schools and educators, service providers bear a critical responsibility in safeguarding student data.

So how can service providers do this?

1. Establish data governance, policies, and practices

Privacy and security policies are often where service providers start when thinking about using data responsibly. And while these technical policies are absolutely essential, they’re only part of what it means to have good data practices. Service providers should also develop a governing framework to guide their data interactions to make sure they are only collecting and using the data they need to provide and improve their service for students. Far from being an afterthought, starting with these conversations about the why and how of data is an opportunity for service providers to make sure they are using data responsibly and safeguarding privacy.

2. Build capacity and a culture of responsibility

Policies can only protect data privacy so much when those using the data aren’t trained to use it effectively while protecting privacy. Service providers must ensure that everyone with access to data in their organization is trained on and understands their role in protecting it. In addition, service providers should help their school and school district clients build their own capacity to use data well by helping to provide data use and privacy trainings, tools and guides, or technical assistance. Service providers can even use initial conversations with clients about their service to share how they can help educators use data effectively and ensure that it is safeguarded.

3. Improve transparency and communication

Overly technical and jargon-filled data privacy policies are simply not enough. Service providers should ensure their policies and other descriptions of their data practices are accessible, understandable, and thoroughly answer questions that parents and educators are likely to have. In addition, service providers should communicate clearly with parents and teachers about what data is being collected and how it’s being used and safeguarded. Service providers should reach out and get feedback from school and district leaders, teachers, and parents on the clarity of their policies and other communications to ensure they’re communicating in clear, trustworthy ways.

4. Communicate and demonstrate value of data

People won’t use data they don’t find valuable or can’t trust to be safeguarded. Part of managing education data well is ensuring it provides real value to educators and parents. If people can’t understand why data is being collected or used in the first place, conversations about privacy have no context or perspective. Service providers need to make sure they are truly meeting the needs of schools and families by not only protecting privacy but also helping to share meaningful data with parents in ways that let them partner in their child’s learning.

When used effectively, education data can empower parents to make the best choices for their kids, allow teachers to tailor instruction and target interventions where needed, and help education leaders give each school the resources it needs. Service providers can help ensure that everyone on a student’s education journey has the data need to support student learning and that the privacy of each student is safeguarded.

To learn more about how your organization can reinforce and demonstrate your commitment to safeguarding student privacy, please visit, an effort spearheaded by The Future of Privacy Forum (FPF) and The Software and Information Industry Association (SIIA).