Jim Corns is the Director of Innovation and Digital Safety at Baltimore County Public Schools (BCPS). He knows about internet security issues including computer hijackers and boogeymen. His work presents us with an administrative view of this oftentimes scary issue. Learning Counsel caught up with him about his District’s work to make things more secure. The most important thing we learned is that BCPS is leading with a layered approach to ward off security and privacy risks.
“I’ve been in my position for about a year which is important because, about a year ago, Baltimore County really ramped up our stance on student data privacy and security of student information. We started by looking at the places where our data was being released and to whom it was being released and what kind of agreements we had with those agencies that we would release information to,” said Corns.
The important first step was creating a student data privacy agreement. This is what the district hands over to the various software vendors to sign-off on. Corns explained, “It’s a non-editable document that we provide to vendors that tells them what they may and may not do with our student data. Instead of having their privacy clauses being the language we agree to, they agree to what we say our privacy concerns are. “
For BCPS, this first major step was made to secure their globalized data. In tandem with that, Baltimore County worked to educate their 113,000 students and 20,000 employees.
Related Article: Securing Our Children's Education
“We also had to get a program going so that our employees were being better informed about what student data privacy meant. We created an online mandatory training that we deploy at the beginning of every year that walks our teachers and our employees through how to protect student data, the obligation that they have as Board employees, how to have software approved and vetted through the appropriate channels,” said Corns.
A final, “third leg” of the program administratively was added this year. “The other piece that we’ve really been working diligently on is to bring in our third stakeholder — our parents,” said Corns.
The program they created to keep parents informed is called “Growing Up Digital.” Corns said, “We have been utilizing this as a vehicle to speak directly to our parents and we’ve put out, in a very transparent way, for example, a list of all of our vendors that we share data with. We tell the parents what data we’re sharing with those vendors. As contracts renew, we are listing people who have signed-off on our new guidelines for data so parents can see all of that. As we get more information around any of the practices we have, we publish it on our website so that our data security and student data privacy activities are made know to parents.”
Corns indicated that BCPS also provides training courses for digital citizenship online, and uses the Consortium for School Networking (COSN) data privacy toolkits.
“We have a network filter that is designed to stop anyone from reaching an inappropriate website, but what we have been trying to do and I think we’ve been fairly successful with, is the idea that the only way to truly keep data secure, is to keep students out of places they shouldn’t be with a rigorous educational program,” said Corns.
For teachers, BCPS also created a streamlined method for how to get a piece of software approved. Corns said the district had built some flowcharts that asks what the software does, with arrows to the next question and next step. At the end of one of those steps is “Don’t use this product,” he said.
If a product is being championed for district-wide use, Corns said he gets involved as well as two other people from the Department of Information Technology (DOIT). A lot of times his department is in the position of pointing out some other software they already have that is similar or does nearly the same thing. Corns said, “I have 115 products that we’re rostering, sending data into, utilizing, and have done research on so there’s a good chance that the thing a teacher might want to do is probably over there, in some other software.” Even so, he keeps the door open for innovative new ideas and software to keep flowing in.
“We don’t want to just say no to everything,” Corns said.