Afterschool management information systems (MIS) process and store a tremendous amount of information on youth participants in order to improve policy, programs, and direct service. To implement and maintain such as system, however, those leading an MIS initiative must assure students, parents, and each of the project partners that they are responsible stewards of this sensitive information. In practice, this means providing guarantees that the data in the system are “fit for purpose” and that every reasonable precaution has been taken to prevent their misuse. Section 3 on Data Stewardship: How to Protect and Share Information (pdf) offers guidance on privacy and security issues in establishing an afterschool MIS.
There are three primary strategies that cities use to protect students’ privacy as they negotiate with schools to receive access to student academic data for the purposes of evaluating and improving afterschool programs:
- Partnering with schools to conduct afterschool evaluations, relying on schools’ access to individually identified student data to create aggregate reports that can be shared more broadly with city decision-makers and the public.
- Designating the afterschool coordinating entity or other key partner as an “agent” of the schools, using one of the exceptions authorized by the Family Educational Rights and Privacy Act (FERPA).
- Requesting prior written permission from each student’s parent or guardian to share academic information with providers.
The first two strategies are most useful for evaluating programs and overall youth outcomes. However, if the afterschool partnership would like to allow providers access to individual student data for purposes of case management, prior written consent from each student’s parent or guardian is required. These three strategies are not mutually exclusive, and each is described in more detail in the full report.
Security is the enforcement of a privacy agreement. The assurances made to students, parents, and data partners that their confidentiality will be protected are only as credible as the ability of the coordinating entity to enforce them, and the trust between local partners can be permanently broken by negligence, malfeasance or the unauthorized re-disclosure of private information. MI systems present a new set of risks in this regard, but also provide a set of tools for managing these risks. City leaders often provide the following safeguards:
- Many create a security policy and implement internal controls, including proactive education of staff, encrypting private data on disk and in transit, and developing a protocol to handle any potential breach.
- Cities using private contractors require security assurances from all MIS vendors, beginning with an evaluation of how they handle role-based access to sensitive information. Vendors should audit their own security arrangements and provide a disaster recovery policy that outlines their procedures with regard to data breaches, application failures, and natural disasters.
- In addition, many schools and other organizations that agree to provide information to a citywide afterschool system may request that one or both of the coordinating entity and its MIS vendor undergo a security audit, or at least retain the right to require one at a future date.