Student Privacy & Data Security Toolkit for School Service Providers

About the Toolkit

Supporting student privacy and data security are critical to creating a trust framework necessary for educational institutions and agencies to successfully adopt data-enabled information and communication technologies. SIIA has provided leadership to the sector on policy and practice. This toolkit provides the sector, and SIIA members in particular, with a suite of resources to inform their internal practices as well as their work with educators, families and policy leaders.

Technical Assistance  | Understanding Law Requirements |  Industry Self-Regulation | Policy Issues

Guidance & Technical Assistance


Student Privacy & Data Security Workshop for K-12 School Service Providers

This workshop gives K-12 product managers and company leaders the basic tools needed to review and improve data privacy/security practices. Wherever possible, real cases were used and internal processes were identified for a variety of product types and company sizes. Workshop sessions include:

Understanding Laws & Regulatory Requirements


State Student Privacy Law Reports

This section features a collection of comprehensive reports on student data privacy and security laws passed in state legislatures. Each report provides critical summary and analysis to guide education service providers as they engage with state and local education agencies.

Understanding 2014 Student Data Privacy Laws

2014 witnessed passage of more than a dozen new state laws impacting school service providers, including two landmark laws in California. This SIIA webinar and separate slide presentation highlight these new state privacy laws, identify trends across the different states, and provide tips on how best to ensure compliance. 

  • Click here for a presentation compiled by SIIA in the Spring of 2015, summarizing and analyzing key information from the 2014 laws.

  • Click here for a webinar featuring the lead counsel in the creation of California's 'Student Online Personal Information Protection Act' (SOPIPA), Margie Estrada, and the National Association of State Boards of Education's Amelia Vance.


Privacy 101 for Educators and School Officials (Feb. 2016)

As student data privacy laws continue to move at the state level and start to gain traction at the federal level, this free webinar is a primer for educators, school officials, and policymakers. It highlights trends of requirements on schools, teachers, and service providers and privacy considerations for schools when adopting new technology.

Industry Self-Regulation & Best Practices


Best Practices for the Safeguarding of Student Information

These privacy and security best practices are intended as guidance for providers of educational services to educational institutions to the extent that they collect, disseminate, use or maintain personally identifiable information about students (student PII). These best practices can be used to inform the contracts that govern the relationship between providers of educational services and the educational institutions – school districts and schools – for which they work.

K-12 School Service Provider Pledge to Safeguard Student Privacy

The Student Privacy Pledge is a set of legally enforceable commitments by signatory school service providers describing how they do and do not collect, maintain and use student personal information. These commitments clearly and concisely articulate a set of community expectations that build on and detail ongoing industry practices that meet and go beyond federal requirements. For more information or to sign the pledge, visit and review this webinar.


SIIA Policy Positions


Policy Guidelines for Building a Student Privacy Trust Framework

Education technology is increasingly vital to making certain our students receive a world class education, and our nation can compete in the global economy. School service providers view student data privacy and security as essential, and are trusted guardians of sensitive student information. Providers have a shared responsibility to protect the privacy and security of student information. One way they do this is through policies and procedures that both limit the collection and uses of student personal information to legitimate educational purposes and safeguard student privacy. 

Security and Communication Improve Community Trust

An article in Phi Delta Kappan magazine by SIIA's Mark Schneiderman on stakeholder consensus and communication as a tool in using and protecting student data.



SIIA Testimony to the California State Assembly

A prepared statement on 'Ensuring Student Data in the Digital Age' by SIIA's Mark Schneiderman before a joint hearing of the California State Assembly's Committee on Education & the Select Committee on Privacy.

SIIA Testimony before U.S. House of Representatives

A prepared statement on "How Data Mining Threatens Student Privacy" by SIIA's Mark MacCarthy before a joint hearing of the U.S. House of Representative's Committee on Education and the Workforce & the Committee on Homeland Security.


More Policy Resources