Student Data Privacy

The Palo Alto Unified School District has many practices in place to properly (and legally) handle student data. A balance needs to be achieved between using data to educate students and respecting students' data privacy. There are numerous laws which apply to this balance, both at the federal and state levels. The Technology Services Division has been hard at work to make sure that the district and the vendors we utilize are compliant with the applicable laws.

For some websites and web services, parental permission must be obtained for student data to be shared. Under the Federal Family Educational Rights and Privacy Act (FERPA), a district can provide student data without parental permission for educational purposes as a School Official Exception. An example of this includes Google's Workplace for Education in which the district creates student user accounts.

Palo Alto Unified is a member of the California Student Privacy Alliance (CSPA), an organization which has created an unified agreement for vendors and school districts to enter into to protect student data. If a vendor does not sign the unified agreement, the district will require vendors to sign a MOU (Memorandum of Understanding) to prohibit student data mining or targeted marketing while requiring industry standards for encryption and security. As new district-wide contracts are signed and old contracts are renewed, the CSPA or MOU process is put into place. The goal is to ensure that all vendors (including teacher-initiated classroom-based tools) are either subject to a negotiated contract or covered by new state or federal legislation regulating vendor practices.