There are many unanswered questions about the coronavirus impacts in the United States, some of which center around how schools will reopen for the fall term. K-12 school districts in many areas are scheduled to resume classes in a matter of weeks. However, what the learning environment will look like has yet to be determined in many cases. With that said, there are a lot of concerns about how schools might implement distance learning on a large scale.
One concern that parents, teachers, administrators and technology leaders face is how to protect students’ personally identifiable information (PII) in an online environment. Child identity theft is a serious problem and educational institutions have been a target for hacking due to the vast amount of personal student data their servers store. A child’s identity credentials are seen as extremely valuable to identity thieves, primarily because of the long period of time where their use by the thieves can go undetected.
Parents are considering the option of continuing to keep their students distance learning, but internet safety tips for kids using online platforms will become even more important as more students (especially K-12) utilize digital education for a longer period of time. However, with so many different online platforms being used by schools of different sizes and needs, there could still be an increased risk of student data being exposed or stolen in a data compromise and then used to create synthetic identities or sold for marketing purposes.
In one example from 2019, an online education provider in the U.S. suffered an accidental overexposure when a database of possibly more than 19,000 students’ information was left unsecured. Anyone with an internet connection was able to see the data for more than a week before it was taken down and password protected. It is still not known if anyone accessed the information while it was exposed.
As the new school year takes shape, it will be vital that administrators and IT professionals put safeguards in place to prevent unauthorized access to student records, employee files and other sensitive materials. Understanding the laws that are already in place is important in helping schools avoid costly mistakes. In California, the state’s privacy and cybersecurity law (CCPA) requires businesses and organizations to safeguard consumer data against data breaches and accidental events. Companies are also required to obtain parents’ authorization when collecting data on any child under 13 years of age, as well as have permission from the parents and student if the child is between 13 and 16 years old. The U.S. government’s Children’s Online Privacy Protection Act (COPPA) also gives parents some control over what personal information companies can collect on their children under the age of 13.
The next step may be in limiting the type of information that schools gather, such as Social Security numbers or health insurance and Medicaid identification numbers. Another important child privacy step will be ensuring that all personnel who have access to stored data know how to secure it. As some educators switch to wearing multiple hats this fall, they must be well-trained on how to use the platforms their school systems have adopted.
For parents, there are many internet safety tips for kids they can teach their students when it comes to online security:
- Parents should be mindful of what websites their kids visit and teach them about what types of information are okay to enter online
- Parents are encouraged to help their kids be aware of the dangers of clicking links or downloading files, as these can contain viruses and malware
- Parents should make sure all of their kids’ online interactions occur with a known and trusted individual to lessen the opportunity for social engineering
- Parents can enact the strictest privacy control settings available on both their child’s computer, mobile devices and browsers they use
Anyone with questions about child identity theft, distance learning security or internet safety tips for kids can live-chat with an Identity Theft Resource Center expert advisor. They can also call toll-free at 888.400.5530.
You might also like…