Compliance
19 views
Skip to first unread message
Amy Jankins
Oct 13, 2022, 12:36:49 PM10/13/22
to googleschoo...@googlegroups.com
Does anyone know if Google Data Studio is FERPA compliant?
Thanks,
Technology will never replace great teachers, but technology in the hands of a great teacher can be transformational." -George Couros
Please be advised that under the Public Records Law, M.G.L. c.66, any email created or received by an employee of Wellesley Public Schools may be considered a public record and subject to public disclosure. This email may also contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.
Jeremy Lupoli
Oct 13, 2022, 1:45:00 PM10/13/22
to googleschoo...@googlegroups.com
Hi Amy!
Data Studio itself is a tool, and neither compliant or not compliant per se. It depends on how you use it.
Among other things, FERPA compliance has to do with who can see information, when. So you could either use Data Studio in a way that meets FERPA compliance - assuring only folks who are supposed to see data can see that data - or it could be used in a way that completely violates it.
Happy to send over a couple of examples of how it could be used appropriately or inappropriately, if that's helpful!
Thanks,
Jeremy
Data Studio itself is a tool, and neither compliant or not compliant per se. It depends on how you use it.
Among other things, FERPA compliance has to do with who can see information, when. So you could either use Data Studio in a way that meets FERPA compliance - assuring only folks who are supposed to see data can see that data - or it could be used in a way that completely violates it.
Happy to send over a couple of examples of how it could be used appropriately or inappropriately, if that's helpful!
Thanks,
Jeremy
--
You received this message because you are subscribed to the Google Groups "Data Studio in Education" group.
To unsubscribe from this group and stop receiving emails from it, send an email to googleschool-data...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CAPv1%2B-h1P2m0zqXAt6isTF--9Q18ggK0yA_jGeGbOK_SX5qFaQ%40mail.gmail.com.
Amy Jankins
Oct 13, 2022, 2:06:08 PM10/13/22
to googleschoo...@googlegroups.com
Hi Jeremy,
If you have examples that could be shared that would be great. It is not included in our Student Data Privacy Agreements. We are approved for core Google Services, but not Data Studio.
Looking to create a dashboard that tracks SEL requests/referrals and wondering what I can/can not export in terms of demographics from PowerSchool to share.
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CA%2Bk0FAF6ZiKXZid22VWMBrS%3Djf_xMgzRN1o0LSAKG%3DuyAhOvGw%40mail.gmail.com.
James Hatz
Oct 13, 2022, 2:14:28 PM10/13/22
to googleschoo...@googlegroups.com
What you should have is a data classification procedure - that defines what can and can't be shared.
Send me a direct email if you'd like a copy of a template I made and shared with other districts.
James Hatz
Technology Coordinator
Rush City Schools 139
Rush City MN 55069
Technology Coordinator
Rush City Schools 139
Rush City MN 55069
October is Cyber Security Awareness Month!
Help prevent SPAM & SCAMS: Think before you click!
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CAPv1%2B-izob_xUzQWA6Ja_BwQuvPbhKixHp38GZEc0UHkRBd8FA%40mail.gmail.com.
Jeremy Lupoli
Oct 13, 2022, 2:20:20 PM10/13/22
to googleschoo...@googlegroups.com
Cool. So, the software itself is of course run by Google, so it's as secure as it gets when it comes to data that you want to keep secure. I'm not sure what your Student Data Privacy Agreements are saying and who their audience is, but if it's, say, listing out which products you use, then Data Studio would be fine to list, depending on how you use it. Default disclaimer: I'm not a lawyer and this is not legal advice 😉
So let's take a couple of extreme examples.
On one hand, you can have a Data Studio dashboard that:
- only indicates aggregate data
- is only shared with district administrators, and you have a good access policy in place (in other words, district administrators will lose access to their accounts as soon as they should)
In that case, specific individuals are seeing information that they should be able to see, and this is probably FERPA compliant. (Again, consult your legal person)
On the opposite end of the spectrum:
- A dashboard that shows individual student results, their student IDs, names, emails, and SEL requests for individual students
- You share that dashboard with anyone in the organization
In that case, you've probably shared a bunch of data with folks who shouldn't be able to see it.
So, building on what James says, if you have a data classification procedure - usually developed along with counsel - it will tell you what can and can't be shared to whom. If your Google Studio dashboard data and its sharing rules meet its criteria, you should be good. If not, you're not.
Hope this helps!
So let's take a couple of extreme examples.
On one hand, you can have a Data Studio dashboard that:
- only indicates aggregate data
- is only shared with district administrators, and you have a good access policy in place (in other words, district administrators will lose access to their accounts as soon as they should)
In that case, specific individuals are seeing information that they should be able to see, and this is probably FERPA compliant. (Again, consult your legal person)
On the opposite end of the spectrum:
- A dashboard that shows individual student results, their student IDs, names, emails, and SEL requests for individual students
- You share that dashboard with anyone in the organization
In that case, you've probably shared a bunch of data with folks who shouldn't be able to see it.
So, building on what James says, if you have a data classification procedure - usually developed along with counsel - it will tell you what can and can't be shared to whom. If your Google Studio dashboard data and its sharing rules meet its criteria, you should be good. If not, you're not.
Hope this helps!
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CAPv1%2B-izob_xUzQWA6Ja_BwQuvPbhKixHp38GZEc0UHkRBd8FA%40mail.gmail.com.
Amy Jankins
Oct 13, 2022, 2:26:36 PM10/13/22
to googleschoo...@googlegroups.com
James, do you mind sharing your email address? I can't seem to export it from the group and I don't see the entire address when viewing you as a member.
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CAOGTeFEWeXUGrad1%3DFmW5_J7oryi3OtKKDeetP-fYDtkY5PqAw%40mail.gmail.com.
James Hatz
Oct 13, 2022, 3:51:44 PM10/13/22
to googleschoo...@googlegroups.com, James Hatz
Technology Coordinator
Rush City Schools 139
Rush City MN 55069
October is Cyber Security Awareness Month!
Help prevent SPAM & SCAMS: Think before you click!
To view this discussion on the web visit https://groups.google.com/d/msgid/googleschool-datastudio/CAPv1%2B-h7J3nC-xLfkpdmEU_mZiwDB4Rr0__vRGPdGLcOEJGafw%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages