Data Privacy and Security

Published: 6/13/2017 12:33 PM

​In this age of data-driven decision making, data is foundational to the success of the process.  Whether discussing student achievement, program monitoring, education funding, accountability or any other education-related conversation, data is at the center of the discussion.
 
The Kentucky Department of Education (KDE) is required by state and federal law to collect and store student and educator records.  Click here for information on Kentucky data collection systems.
 
The Department takes seriously its obligation to protect the privacy of data collected, used, shared and stored.

​KDE Policy and Documents


Review and Approval Procedures:  Agreements involving Personally Identifiable Information (PII) 
The Department has developed a review and approval process for all data requests that involve disclosure of PII.  Click here to view details on the data request process.

District Guidance on Student Information Security and Privacy (November 2014)
Topics covered include:  Links to general resources, training, uses of data, breaches in security; data sharing agreements; disclosure of student data for studies on behalf of the district and for audits, evaluation, or compliance monitoring and parent notification about and access to student records.

Data Collection Opt Out Requests
To support Kentucky school districts on data collection issues, KDE prepared this guidance for local education agencies when responding to requests that no personally identifiable information (PII) about student(s) is included in Kentucky’s data collection system(s).

State-Level Data Collection

Kentucky’s data systems collect a variety of information at the student, school and district levels that is used to support instruction, continuous improvement, district operations and for state and federal reporting. The Systems Launchpad provides information on the Kentucky Department of Education’s various data systems.

Parent/Legal Guardian Requests for Student-Level Information

Click here for a document explaining the process by which student information collected by KDE may be obtained by a parent/legal guardian.

 

Confidentiality Agreements and Training


Research and Evaluation Training for KDE Staff

KDE requires all employees that are involved in evaluation and/or research activities to complete the National Forum on Education Statistics, Guide to Data Ethics Online Course.  External researchers must enter into an agreement with KDE and must also sign non-disclosure forms prior to obtaining and/or using any staff or student level data from KDE. 

KDE Employee Affidavit of Non-Disclosure

KDE system users must sign an Affidavit of Non-Disclosure upon employment and annually to maintain access to data systems.  This document outlines the manner in which KDE staff is to utilize data and protect personally identifiable information.  A signed agreement form is required from all KDE staff to verify agreements to adhere to/abide by these practices.  The failure to adhere to guidelines may result in personnel action, up to and including termination.

In addition to the non-disclosure, KDE employees and district staff must be approved for access to data systems.  System access must be approved by supervisor or KDE leadership depending on the level of access being requested.

 

Staff Contacts:

Robert Hackworth, Chief Security Officer; robert.hackworth@education.ky.gov
Dede Conner, Chief Data Officer;  dede.conner@education.ky.gov
David Couch, Chief Information Officer; david.couch@education.ky.gov

 

Robert Hackworth
Office of Knowledge, Information and Data Services
Division of Engineering and Management Services
300 Sower Blvd., 4th Floor
Frankfort, KY 40601
502-564-2020 ext. 2436
Fax: 502-564-1519