But as the world rapidly evolves, new scenarios emerge, and technology is no longer of interest to only IT professionals; everyone in educational institutions and organizations needs to have at least a basic understanding of Information Technology and how to use the internet in a way that is productive and secure, including educators and students.
Protecting individuals' private information has emerged as a top concern for businesses of all sizes. The Internet used to be a lawless frontier, but that's changing as more of our daily lives move online. As a result, the Data Protection Act (DPA) of 1998 was repealed and replaced with the General Data Protection Regulation (GDPR) in 2018.
The topic has grown in relevance, owing mostly to the fact that data is now the currency of the digital economy. According to 2021 UK government research, 39 % of organizations were hacked in the previous year. It is critical that educational institutions respect user/client privacy and maintain the security of all personal and sensitive data.
How do GDPR and data security actually influence the daily lives of educators and their students?
The COVID-19 pandemic hastened the hybrid learning wave, with most classes being taken online. The "new normal" became the existing normal, and even those who were sceptical to online teaching and learning could see the benefits, even if most people were relieved to be back on campus.
With the adoption of hybrid learning during the pandemic, a lot of progress has been made in online teaching. According to Wiley, over 70% of colleges expect to launch one or more online undergraduate programs in the next three years, and 74% of college students want mobile access to course materials.
This indicates that many students and universities are actively seeking out and using innovative educational technologies, but it may also raise red flags for Data Protection Officers (DPO). Concerns have been raised because external apps have the potential to access sensitive student information and compromise educational platforms.
Instructors often use third-party apps in the classroom to make lessons more engaging. However, there is a substantial risk that sensitive student data will be exposed if these third-party apps are not compliant with GDPR regulations.
In addition, using third-party apps could make your computer more vulnerable to being hacked, which could result in a lot of issues for you and your class.
How can you protect your university?
Data protection is a topic that has been widely discussed at itslearning. John Arthur Berg, one of the GDPR experts in the company, wrote a blog post about protecting the rights and freedoms of students, which is a great source of information.
Here are some of his tips: You must instruct your staff to be aware of your organisation’s policies on data protection, privacy, do’s and don’ts, vendor security measures, etc. Schools have a role to play in educating their students on how to protect their own privacy online.
Another tip to ensure effective data protection is to reduce the amount of data processed - the less data you have, the better. Here a few more suggestions for improving data security:
- Request only the information that is absolutely necessary, this also helps universities save money by cutting down on the quantity of data they maintain by erasing information once it is no longer needed.
- Online classes can be hijacked – ensure measures to protect personal data.
- Verify that suppliers follow all of your policies.
If personal data is secure, you will avoid being spammed with unwanted communication, and will create barriers to prevent your system from being hacked.
How does itslearning comply with GDPR and data security regulations?
When it comes to GDPR, itslearning takes it very seriously. We are ISO 27001 certified, which means that our internal processes meet the rigid ISO 27001 standards. Being ISO certified means that we must continue to ensure that our procedures meet international standards, run audits on a regular basis, and keep accurate records.
It is also vital to note that all of our saved data is encrypted. This means that we secure user privacy by ensuring that no human or computer, other than the intended parties, can access data at rest.
To learn more about GDPR, here are some key tips for educational institutions.