
A
You're listening to ASBO International's School Business Insider. I'm your host, John Brucato. Each week on School Business Insider, I sit down with school business officials and industry experts from around the world to share their stories and explore the topics that matter most to you. Find out what it means to be a school business official and get your insider pass on all things school business. Hello, everyone, and welcome back to another episode of School Business Insider. Today, we are diving into a critical topic that's at the forefront of every school district's priorities: data security and protection of student information. Joining me today is Nathan Pierce, national sales executive at LifeTouch, a company that's been long trusted by schools and families for capturing and preserving school memories. But beyond photography, LifeTouch is also deeply committed to protecting the data and privacy of students. In this episode, Nathan will share insights into the sophisticated software and technologies LifeTouch uses to safeguard student data and securely distribute photos to schools and parents. We'll also discuss the importance of data security and education, the challenges schools face, and how partnerships between school districts and vendors like LifeTouch can ensure that student information remains safe and secure. Nathan, my friend, welcome to the podcast. I'm happy to have you on.
B
Oh, John. Hey, thank you so much. And thank you amazing listeners and school business officials for, you know, for tuning in and connecting with us here. It's an absolute pleasure to be joining you here today. Thank you so much for the invitation, John.
A
Oh, of course. Any opportunity that I have to sit down with you, I'm going to take it. Nathan, you're such a good friend and colleague and really a pinnacle in this industry, not just with data security, but really bringing folks together. And that's so greatly appreciated. And I'm excited to get your story out and to talk a little bit more about what you do. So, in that same vein, can you just kind of introduce yourself to our audience and just let them know who you are and what it's like being a national sales executive at Life Touch.
B
It's amazing. And, you know, for much of our country, this is an incredibly busy time of year. Certainly, our school business officials are seeing schools come back into session. My own little guy started his first day as a third grader just this morning. It was a bundle of laughs and tears and all the feels, but, you know, I've been here at Life Touch for just about 21 years. It's the only job I've ever had.
A
Wow.
B
And Life Touch is... there's a good chance that most of our listeners here today, you know, we've heard about Life Touch.
A
I remember it as a student myself, getting my photos taken, you know, and.
B
Thank you so much for putting my children through school, John. I really appreciate that.
A
My pleasure.
B
We're so proud that Life Touch is regarded as the gold standard in our industry. We've been around just about 90 years capturing the joy and magic of Picture Day. You know, certainly my little boys have perhaps just a tiny, small deviation from that. They don't always get as excited to see Daddy roll in on Picture Day, but that's okay. Most kids are really excited to see me roll in on Picture Day. You know, for me, this has been such a pleasure in terms of being in this role. You know, my job is to help our school communities and our educational leaders to better understand some of the different priorities and some of the different values that a partner like LifeTouch can provide for their communities. I like to think it's perhaps one of the reasons why ASBO and LifeTouch have that affinity partnership and that we can find ways to help bring some of our best practices, our expertise in delivering not just safety, security, but other items of value to the business world.
A
So why I wanted to bring you on today was because I remember we had a conversation about the importance of data security, and my district, being one of them, sometimes use companies that interact with student data that may not be the best custodians. We haven't had any issues here specifically, but you and I kind of got to talking about the importance of companies preserving and protecting student data. Especially, I mean, if you're capturing images of students, that's even more important. So can you tell me a little bit more about why data security is so critical for schools and especially when it comes to protecting student data specifically?
B
Yeah, John, that's a great question. And if there was ever a day in which, you know, our school business community has to be on the front foot in terms of understanding the nuanced challenges and the kind of the key urgent priorities surrounding the application of the transmittal, the secure, the retention of, and then, of course, the discard of data, the time is now. You know, it seems like every other week we hear about a big district or sometimes a small district, and it kind of gets swept under the radar for these districts that have been compromised by some type of misuse or sometimes an external party that has been able to worm its way into their system. We had a call a few weeks ago from a district that paid $80,000 simply to turn their lights back on because they were victimized by some type of a cyber incident. And so what I'm not suggesting is that, and I'm certainly not suggesting that every district needs to look hard and closely at their photographer necessarily. Although you should. No, just kidding, just kidding. But I would say to our school business audience is that taking a look and auditing the process by which your choice of partner is intentional in how it requests, how it receives, how it secures, how it delegates, and then how it applies the use of personally identifiable information, or PII as some of our friends are calling it, this is an important piece of the puzzle that's really, it's not one of those things that's glamorous to talk about. Right. And there are a lot of moving parts and pieces. But if you think about how our school districts utilize data and utilize image information, there are so many moving parts and pieces. From our marketing departments, from our communications friends, from our school security, from our school nutrition, from our transportation services, all through, you know, our data information specialists that will repopulate data and image content back into our student information systems.
There are lots of different moving parts and pieces. And of course, I'm forgetting, some of our most volume users are our school yearbook advisors.
A
Right.
B
So, you know, the world is changing very, very quickly in terms of how digital content is consumed and how it's accessed. And so it's really important for our school business officials to be on the front foot and learning some of the best practices for data hygiene, but also demanding that same expertise in data hygiene when it comes to trusting, you know, a third party. I hate to use the word third party, but in the world of school business officials, I do recognize that that's the space that we live in. When you're entrusting personally identifiable information to a partner, are there safeguards to validate that that partner has the same intentionality and purposefulness as required by your unique district, but also by the law?
A
You make so many great points. And I think especially the fact that we obviously, as school business officials and school districts take PII and data security very seriously. But to then hand it off to a third party or a company, you're entrusting that they take it just as seriously. Right. And that oftentimes can be misconstrued as just assuming that maybe they take it seriously or assuming that because they're a reputable company or are willing to take your data that they're going to treat it with that same level of scrutiny. And you know, we had Kevin Krueger on from CoSN a couple of weeks ago. And, you know, you mentioned one of your clients, I believe, had to pay 80 grand to turn the lights back on. One of the big issues that he brought up that I don't think we always think about is with these ransomware attacks, just because you're paying the money to get the access back doesn't mean they don't still have the data. Right. So these cybercriminals aren't necessarily going to erase the data that they took from you. They're probably holding onto it and it's going to show up in the dark web in a couple of months. So you paid the money out, you got your access back, but the real root of the issue is still kind of out there. The data has been compromised. So it's scary. It is very scary. So what are those potential risks and consequences if schools aren't securing student data as adequately as they probably should?
B
Well, and I'm seeing this in so many places, and there were a couple of key best practices that I would advise school districts in terms of making their standard operating procedure when engaging with a partner, with a third party, with a trusted external player that's going to be interacting with personally identifiable information. And the first is how is that data information transmitted to that partner? I'll just give you a very quick example. Every once in a while, I'll be walking into a school building and, well, I guess I should say once in a while. Right. That seems like every day.
A
I was going to say it's probably more often than not. Right.
B
Yeah. Mr. Picture Day coming rolling into your school is probably a very common occurrence here. So I had the opportunity to visit one of our school campuses, not one of our school campuses, but in a neighboring community that was working with another photographer.
A
Sure.
B
And I found a jump drive on the sidewalk. And I said, oh, my gosh. I said, please, please let this not be what I think it is. And of course, there were some markings on there that were pretty evident that this was going to at least contain data information or it might contain image information. Either way, number one, don't put it into your computer. Do not insert that into your computer.
A
Right, right. You never know.
B
No, discard that immediately. But it begged the question: if there was a flash drive or a USB drive or whatever you want to call it, that was misplaced, does that potentially put your personal identifiable information or image content, does it compromise the security of that content? And so what I like to share with our school business officials is understanding how that personally identifiable information and then on the back end, how the image content as it's married to the data, how is that being returned back to the district safely, securely, appropriately, within the parameters set forth by law. Now, in New York State, as, John, you know perhaps better than anybody, New York State Ed Law 2d has very, very stringent guidelines and requirements of the school district community, as well as its choice of partner in how the data may be requested, transmitted, how it's secured in transition and at rest, as well as how the delegation of the application of that data can be secured. And then on the back end, what the process is for that data information to ultimately, in layman's terms, to be wiped. Right. Or to be securely discarded once a high school senior has graduated. There is no reason for that data to live in any of our systems. And so the secure discard at the end, it can sometimes be as important as where that data is at the genesis of that handoff. We're talking about New York state ed law 2d, right? And you'd be surprised, or maybe school business officials, maybe you all wouldn't be that surprised.
But there are many times when we're offered data via email and that is, it's, you know, you always, you always recognize that, you know, our amazing front office staff are, they're tireless, they're hard working, they're passionate about delivering an exceptional experience for their students, for their educators, for their instructors, and for their school leaders and their members of the community that come in to be in touch, be part of their communities. And so we recognize that, you know, they're looking to cross an item off the list. Right, right. Let me just email the photography company with the data that they need. Unfortunately, you know, the right thing to do is that double stop sign and say, you know, I really appreciate your wanting to be able to deliver the data that we need to prepare for a successful picture day, but we have to receive it in a way that protects you, the students and the community that we serve, but also protects us and is compliant with the law. Right. And so in this particular case, you know, I can't speak for all of the players in my industry, but certainly as representing the gold standard in our space, you know, it comes with a secure encrypted portal that provides for delegate access so that we understand the timestamping for when users are requesting data and when data is ultimately uploaded, as well as which users have specific permissions in terms of accessing or specific rights to dispense that data towards executing the Picture Day, turning it into the download for our system so that we can marry the image with the name and as well as other ancillary directory information that may be required to satisfy Picture Day and to do sorts and all those types of things. It's, it's incredible just how many schools, you know, they're in, their intentions are good. Let's check the box. Let's. Let's get the data that we need to our photographer. 
But you'd be surprised at how oftentimes this small handshake that you do one or two times a year. We'd like to be there three or four times a year, by the way, but we recognize that most schools, we're a disruption to instructional time, but it's a risk.
A
We all use emails so often, and I think when it comes to sensitive data, we need to be able to train our staff to identify what the appropriate channels are to transmit certain types of data. So if you're just emailing a memo, no big deal. But if you have a swath of PII, email probably isn't the best means of communicating that data, especially outside of your organization. So, you know, you mentioned the Edlaw 2D in the state of New York, and having lived through that, inception of that law was incredibly challenging because now you had a requirement set by the state that all school districts had to follow that required all vendors interacting with student data or staff data to follow these strict guidelines, agree to these terms and conditions. It's fine now because it's been out for multiple years. All these companies are used to it. But I remember when we were getting it off the ground, it was just so arduous to work with these companies because they're like, well, what do you mean? We're not, we're not agreeing to state by state by state. But I think now you're seeing that each state is probably adopting or has adopted something very similar. So companies need to be a little bit more nimble in how they're interacting with their customers, being a little bit more flexible with these individual requirements. Are you seeing that across multiple different states? I mean, obviously LifeTouch has a nationwide presence. Are you seeing that more states are adopting something similar to an Edlaw 2D?
B
Without question, John. And, you know, it's not necessarily a bad thing. I think it's a necessary consequence of the age in which we live. You know, face it, we live in a digital age. And John, when you and I were in grade school some number of years ago when we were in grade school. Think about what the process was for ordering school photos. Chances are it went something like this. John goes to school. John has a paper flyer that's tucked into a homeschool folder that John may or may not stuff in a locker and it might make its way home. And there probably were a bunch of different size options. And mom, dad, guardians, caretakers probably physically wrote a paper check and inserted it into a paper envelope and probably got a paper cut on their tongue licking the envelope shut. And it went back in the homeschool folder. And then John may or may not have delivered it back to his teacher. Think about how that process has evolved dramatically nowadays.
A
Yeah, I doubt there's a piece of paper involved anymore. Right. It's all digital. Digital flyers, electronic payments, remittance. I mean, it's a completely different experience.
B
Better than 86% of our, you know, of our consumers are choosing to engage in some type of a digital transaction process which by the way, a bit of a non sequitur. But that in and of itself is yet another piece of the data risk. Right. That you know, school business officials would be advised to consider deeply when selecting their partners. Is, you know, what type of safeguards does that choice of partner employ in keeping your parents' transactions safe? Is there PCI compliance? Are there safeguards to their method of taking payment? I digress on that point. But as the process for photography changes with how our guests and how our schools choose to participate in the joy and magic of Picture Day, you know, it's important that our security and our purposefulness in meeting those urgent priorities changes and evolves with frankly, with our districts and with the laws in place. You know, John, to answer your point about kind of from a national perspective is one of the pleasures that I have in this role is being part of our national sales team, you know, is that you are seeing so many states have a myriad of different ways in which they are securing data. Many states, thankfully, and perhaps it's, you know, kudos to the incredible work that New York State instructors and school leaders and business officials are undertaking. But many states are modeling New York State, and California too, for certain.
A
Yeah, yeah, I remember. I think California was maybe the trailblazer and then New York was quick to follow.
B
It's encouraging to see that states are asking questions, leading questions of one another to be able to better understand, you know, what are the key threats that we want to mitigate. And there is no district that wants their 15 minutes of fame we're seeing too many of these now, right? No district wants that superintendent or that school leader or that school board or school committee. If you're in New England, no community wants their few minutes of fame to be. Well, why didn't you audit and validate that your choice of partner in whatever industry it is, wasn't securing the parent transactions, wasn't securing the person identifiable information pursuant and compliant with the law. Those are questions that are unfortunate, but they're a consequence of the times that we live in. And I don't necessarily recognize that that's a bad thing. It just means that we have to be uber conscious of how we choose to prioritize the things that are keeping our kids in our communities safer.
A
Yeah. And to your point, I mean, when we were kids, when we were filling out the forms and in picking our backgrounds, which I have to say I regret, I never picked a laser background. I was always a safe choice. Maybe a slate.
B
John, we could make that happen for you. I'm just kidding.
A
Maybe I have to go back to my own third grade photo and get that laser going in the background. I know a guy. All right, we'll touch base offline and fix that issue. But I was going to say that the biggest issue was the compromise of data would have been maybe I left my folder on the bus or something and somebody could have picked it up and saw my information. But now that most, if not all information lives digitally, it can be accessed from anywhere in the world where before it was localized just to maybe the school bus or the playground or the front yard of your house when you get off the bus, you know, so it's a very different world.
B
Think about, and you know, if you really pull back the cover on New York State Ed Law 2d as well as other states governing legislation regarding how data must be secured. Think about. And John, you bring up a great point in terms of the device that we have. Right. And how it's a device that has access not just within the confines of the physical brick and mortar space that we exist in during our work hours, but it follows us and kind of is an extension of us even during non work hours. And so one of the things that. And I'm thrilled that our company takes such great safeguards. I know that your district does and I know that most districts already have safeguards in place. You know, think about how many times, John, you and I were talking about this offline a little bit, you know, about how, you know, the only thing certain in life is death, taxes and then, you know, our smart devices asking us to multi-factor authenticate access to things like our email client or some of the other applications that we're engaged in. But it's true is think about your device and just how precious that device is. And if that device falls into the wrong hands, it's possible that your district could be at risk because of a lack of steps to be able to mitigate or to decrease the likelihood of some type of an incident. And so there are so many competing things that we now have to deal with and our districts have to really consider.
A
Yeah, yeah, excellent points. So walk me through what Life Touch does to mitigate those risks. I mean, what specific measures does LifeTouch engage in to protect student data, student photos, you know, what kind of software does the end user have to worry about or interact with? I mean, I'm really curious about how your approach differentiates itself from maybe others that are taking the traditional school photo method.
B
I love it. And thanks for teeing that up for me too, John. I'll start, I want. Because I'd love to share more about this. Of course. Let me just start with just a very quick little story because I think it's telling. Right. And the data that you can only consume this data stuff for so long. So I was in the capital region having dinner with New York State PTA with Kyle Belakopitzky, the amazing executive director. She's absolutely salt of the earth and a real hero too, by the way, as well as Carol Ann Raymond, her amazing number two. And just a selfless, tireless and authentic servant for our school communities. And so we were breaking bread together at a little family restaurant in Troy. What a beautiful little community. Right?
A
Yeah.
B
And we.
A
Restaurants in Troy, by the way, underrated truly.
B
Right?
A
Yeah.
B
There's some great stuff, you know, maybe not a garbage plate. Well, the garbage Boston foyer. Right. They're not like a garbage. But yeah, so we're having dinner, we're breaking bread together. And you know me, I got, I'm. I'm bedazzled in life Touch wear. And I think Kyle and Carol Ann had some, had some awesome New York State PTA hoodies on and the like. And so there was a table next to us. I mean, and we were pretty packed. It was a family restaurant. It was a Thursday night. They were humming and so we, there was a table next to us with a single mom and she probably had three or four little ones next to her and they were all somewhere, you know, probably 1, 2, 3, 4 in ages. I mean, they were. They were four kids. I mean, look, I was getting a headache just looking at it. I only get two. So at one point, it was pretty obvious that the youngest child was going to be in need of a diaper. And so. Bet you didn't think this was going this way, huh, John?
A
So, no, this is prime podcast content. Thank you. That's what the people want to hear.
B
You know, so the mom looks over frantically, right. And we've all, as parents, John, you're a parent, I'm a parent.
A
And there are many times been there.
B
When you're looking for an escape hatch. Right. Or someone kind. And she looks over and she kind of laughs and she goes, you know what? I was going to ask you guys if you wouldn't mind watching my three kids while I do a diaper change, but sitting at the table next to me, I have New York State PTA and Life Touch, Literally the safest table I could possibly have on the planet.
A
You couldn't ask for a better table. Right.
B
And so we chuckled and we laughed about it. But the point I'm making is that. Thanks for the question. There's. There's no one out there that has the intentionality and the purposefulness in keeping our kids in our communities safe. And it's such a pleasure to be recognized for that and that our brand is so strong that people recognize it if we want the very best in what it means to keep our community safe. Not, of course, you want to be with a pta, but you want it. You want to. You want to engage with Life Touch to. Or experience what that can bring. John, your question is, what does Life Touch do? Well, number one, it starts with engaging with our districts to understand what their needs are. Number two, we need to know and understand what the law says. And listen, I mean, we're not a great fit in every community. Right. And there are some places where, believe it or not, they're not set up to be able to deliver data in a way that's going to keep you and me and us safe.
A
Sure.
B
And so when we. When we uncover situations like that, it. It's being very honest and saying, I can't accept data information as provided on a jump drive. I can't take it via Dropbox. I can't take it via, you know, a link via teams or a Google Drive or that.
A
Right.
B
So a lot of what we do is unfortunately. And it's the unglamorous part. Right. You think, you know, Nathan, what does it mean to be a Photographer, you get a camera and go out and photograph Dua Lipa, right? I'd love to photograph Dua Lipa, wink wink. But the reality is a lot of what our job is is keeping you safe. It's asking questions, it's understanding what the priorities are so that we can meet what your priorities are. Once we've established what the law says and what we can legitimately. Legitimately is the wrong word, of course. But what we need to do to keep you and us safe is that it's a matter for uncovering what the plan is going to look like in most cases. You know, since we've had to meet the needs of New York state ed law 2d as well as requirements in California, North Carolina and some other places that are now really leading the conversation throughout our country regarding what those evolving priorities are. No, I'm so pleased to share that, you know, our secure encrypted portal meets and exceeds the requirements that Edlaw2d and others have. What that means is, you know, when data information is requested, we're able to provide the basic bones of what that data is going to look like. But we're not providing a sample for what those kids data information is because we can't sacrifice or compromise even a sample of that data. Then it's a matter for delegating the use for whomever at that building is going to be validated. To be an authenticated user, that's really, really important. And it means that there's conversations that happen with all of their end users downstream. What's really, really important and what I would ultimately suggest for any school business officials that are engaged in this process is consider the largest listing of folks that engage with data and with image content and then whittle it down and identify who needs what layer of access for the basic functions that they're undertaking. 
As an example, a yearbook advisor is really going to be very, very interested in how the marriage of that data can support for pose selection for integration into the school's yearbook. They don't need to necessarily have directory layer access versus, you know, a school communications professional. They're not going to necessarily require access to student directory information or PII, but they would value access to some of the sports and the candids and the clubs and the superlatives and those types of things to help you tell your story. School building administrator? Yeah, there's a great chance that all that directory information is going to be extremely valuable and advantageous to have at his or her fingertips. Being able to put a face with a name for students is incredible. Same thing with our incredible school counselors and our paraeducators and all of our instructors. So that's a best practice that we take very, very seriously is having the conversation who are the key players that are going to be engaging and interacting with this data content and image content when it's ultimately married together. But let's talk about what layer of access for each level is appropriate and makes the most amount of sense for the roles that they're looking to fulfill. Because there's delegate use and there is authentication that occurs for access to this secure encrypted portal. It meets and exceeds all of the requests that 2D has for us, as well as states like California, North Carolina, etc. And then it's a matter of when that information is then translated back into directory information with images. How do we get that information back to our data information specialists or whomever is tasked with essentially populating your student information system. And in many school systems that can be disparate too, right? A PowerSchool, Infinite Campus, red occur school. You get the idea.
There are many different school information student information systems out there that luckily through our portal we have a template for almost every student information system out there. And so within just a few seconds we can help that delegated user pull down the information securely, easily, and then translate that back into your system so that there isn't a moment where that data is going to be compromised. And so that's really the summary of how a best practice in terms of what we're doing to be on the front foot. But so much of that, John, is really understanding what's appropriate in this particular community, who the key players are introducing the tool so that the tool is working for you very appropriately and very specifically, and then ultimately validating that the handoff is to the delegate user that is appropriate to that role and to that purview of that data.
A
Right. You know, the more security you introduce to a situation, more often than not, the more complicated it is. And you know, having you just walked our audience through the process that LifeTouch takes. It sounds complicated, right? There are a lot of different layered levels of access. Do you partner and work closely with these school districts, like if they're brand new to LifeTouch, to get them off the ground? Because to just give them a guide and say here, this is how you set it up, sounds like it could be pretty intimidating, right? So do you sit with the districts and kind of walk through what each access level means and who should get what and why. It's so important to get this right the first time.
B
You know, it's funny how things have evolved, right? And so the other day we were, I was in our hub facility, I was doing a little bit of cleaning out of some of the things and we actually uncovered a box, a big long box, right? And it was about like four by four. And I knew, I knew it was coming too because they had our old Life Touch script logo on it, right? And so I recognized that the box had old floppy disks. You know, the 4 by 4 floppy disks, right. And I took one home. And I'm only half kidding, but my now 8 year old said, oh my gosh, dad, you 3D printed the save icon.
A
It's like, oh boy, really dating yourself, right?
B
And I said, oh, Joel. I said, no, daddy didn't.
A
Where do you think the save icon comes from?
B
I said, this is how we used to save data. He says, well, did that go to the cloud? No, there wasn't a cloud back then. The question you asked is, you know, how are we relaying this evolving priority to our partners in our school communities? And the answer is it's a one by one approach, right? It's all about great communication and it's all about building a relationship that's, that's predicated on trust. And it's about building relationship that understands that there's a mutual benefit for us both in ensuring that you're safe and that we're safe. We're meeting the law. We're building an appropriate role so that we have a successful handoff, so that you have what you need to do to tell your story, to celebrate achievement, to inspire your students to continue growing and excelling in academia and all the other ancillary programs. But also we're helping make sure that we're not compromising data and helping you to deliver that 15 minutes of fame that's going to be an unfortunate incident in your community. It's a step by step conversation in each district that's really about understanding what the roles are and how we can best help.
A
Well, your floppy disk story is just too funny. I had a similar. Yeah, I know. We just uncovered a box of them ourselves in our district office. We were cleaning out our facilities office as we make some staffing changes. And there was a box of labeled something along the lines of capital project photos. And I don't recall what year it was from, but obviously floppy disks were prevalent. And I'm like, oh, I can't, I would love to see what we did back then because I know what the finished product looks like years and years later. But I would like to see kind of the design and everything. And I go to my tech director, I said, do we have a floppy disk reader? And he kind of had this puzzled look. He's like, why would you need that? And it's just. They're out in the wild, folks. All right, the floppy disks are not dead yet, but it's going to be challenging to get the data off of them because I think those readers are hard to come by. So I think we had to add, you know, end up buying one from Amazon or something. So hopefully it sounds in transit to me because I want to see these photos. But it's funny because these archaic technologies are still out there and you have to worry about that. So to your point, I mean, that's kind of the old school version of a flash drive, right? I mean, as a floppy disk. So there could still be PII before PII was even a thing. So that needs to be in the back of our minds too.
B
Well, and back in the mid-90s or so, I mean, that was to an extent one of the ways in which data professionals would share information with their partners. I remember going into school buildings and taking possession of a floppy disk and driving back to the office and popping it in. And you know, times change, priorities change. I'm not lamenting change. I'm just we have to be better as a global community of leaders and learners and business partners in understanding where the risks are. And if there's an opportunity for us to help mitigate some of those risks, but also to deliver a better experience, then why not, right?
A
And I mean, we're so used to instant gratification just with the evolution and revolution of technology. But I think too with that comes a lax approach to security. Because we're so used to getting things instantly, sometimes we need to slow it down to make sure that we are secure in the data that we're transmitting. You mentioned something as you were going through LifeTouch's interaction with school districts. And really you have a very high bar that's apparent. And you were talking that maybe not all school districts are there yet in terms of being able to securely transmit data. Can you tell me a little bit more about how you may deal with a school district? I'm thinking maybe those that are in rural communities and may not have high speed broadband. Are you still doing a paper process? Are you still checking those boxes and those backgrounds with the lasers and the hunter green backgrounds, or how are you able to accommodate school districts that may not have those means? What is your approach to that?
B
Yeah, you know, John, that's a terrific question because, you know, as many of our districts grapple with questions regarding student equity, in terms of equity of access, in terms of equity of experience, in terms of the equity of, well, the access, the experience, and then the exposure to the things that are important to building their educational journey. Yeah, you bet. And one of the challenges, certainly, in meeting the needs of our rural and frankly, our most urban partners is precisely that it's time, it's minutes, it's the calories that are expended towards really identifying what the plan can be and doing what you can with the resources, however limited that they may be. Now, what I can share with you is that it's, it really is a fundamental question on the, on the beginning part of our relationship is I, I won't take on a customer in which I should say that I, I, I, I wouldn't, I wouldn't be as able to meet the needs of a new customer if they're not able to support the safety piece.
A
Sure.
B
And it's really, really important. It's, I don't want to call it almost a line in the sand, but there is a moment where, you know, business ethics and integrity really predicate where the conversation can go. You know, it's one of the things I love chatting up with David Little and our friends at rural schools of New York a little bit about that is because, you know, there are challenges with broadband in rural communities. There are challenges for folks that have devices at home, there are challenges. Likewise with folks in New York City and in LA and in Chicago and in Boston here in Boston, there are challenges with folks with devices and with equitable access to the Internet. And so it's a challenge that we all face. What I will say is that when you take that challenge head on and say, listen, so I recognize this particular community, one of the key challenges that you have is reliable access to the Internet. And so one of the things that, you know, our program works with is a layer of encryption for securing your data all the way through from stem to stern. And so what are some, what are some thoughts that you might have in terms of how we can ensure that keeping you safe, but also we're helping you be compliant with the law. And a lot of times when you lead with that, John, they get it. There are some other parts too. I mean, as I experience more and more, you know, there's a handshake in terms of the data with a lot of different competing priorities in our districts. Right. Not just lunch systems or nutrition systems, I guess I should use the term. Right. Our school counseling systems, certainly the driver's ed piece, the FAFSA piece, the school transportation systems, a lot of these different moving parts and pieces also engage and interact with some of this. Some of the similar sets of data say that five times fast. Many of them utilize some of the same bits of data. 
And so sometimes I find that by me broaching that, that concept or that challenge or that opportunity, there's a way in which we can better deliver. For many of the other players in their district, too, John, it's really about getting ahead of it and establishing that we want to keep you safe. And here are some of the things that we need to do for us to both be successful. And if we can't, we're not going to be in a position, unfortunately, to not be in compliance with the law. And so that's not going to be a place that we can.
A
Right. Well, I mean, it's reassuring to know that you have that level of integrity that you're not going to waver from in the slightest instance. Because engaging with companies, you never really know, I guess, because they'll tell you one thing, you have agreements. But are they really protecting data on the back end? I mean, just, I was reading an article about how many data breaches there have been in recent years. You know, it's tough. So talk to me a little bit more about best practices that school districts can engage in to ensure that when working with vendors that student data is protected. Like, what questions should they be asking? What should they be looking at? How can they ensure that what they're talking about face to face really comes to fruition when that relationship engages?
B
Yeah. Great question, John. Number one, stop using email. Stop using email. And I'm sure many of our school districts and our IT programs, they set up very, very similar processes. Every once in a while, you know, we're sent an email. Right. That looks and feels accurate, but it's.
A
A phishing email and, and they're getting much more sophisticated. I mean, if I get another bogus Chase bank email, Listen, I, I, I.
B
Always look long and hard at those Saudi prince things and I, you know.
A
If I, your heart goes out to them. You know, you want to, you want to help them out.
B
If I would just send them 10 grand, I could, I could get in exchange for $50 million. Oh, my goodness.
A
Yeah, a good deal.
B
Stop using email. And very commonly, and it's almost to a fault, ask there was a reason why people called me. For a large part of my career, they'd call me Needy Nathan. Great becomes a moniker at ASBO now. This is gonna be awesome.
A
I'm gonna use this one in Nashville. Here we go.
B
They're gonna love me in Nashville, John. They always do. So pick up the phone. If there's a question about the validity or the authenticity of a request, pick up the phone and make that human connection with someone. I cannot underscore just how important that is. Because if your partner truly cares about the handshake between the genesis of that data as well as its application and its use downstream, they'll be more than happy to take that phone call from you so that you can develop a plan. And if something doesn't feel, smell, or look right along the way, call them and say, hey, listen. So I just have some questions about this. I don't want to reengage on email number one. It's great practice anyway, is instead of an email trail, have one conversation. But I digress on that point. I just find that too many times, John, to your point about immediate gratification and instant is. It's just easy to frame it up and send it. Yeah.
A
Then you have to worry about it and you wait for the reply to get back. Right.
B
Ex. Well, unfortunately. And what I would posit to our, you know, our amazing audience of school business officials is pick up the phone and ask a question. Not to go all Ted Lasso on you, but be curious. Yeah, be curious about it and say, well, you know, help me understand a little bit more about, you know, what this. What this data is needed for. So that's my first suggestion in terms of a best practice for data hygiene and for engaging with a business partner in which there's a handshake or a handoff of data. You know, the second part is, you know, build a relationship with that partner so that you better understand what the data is going to be used for, you know, in terms of the world of school photography, I think most folks kind of get it right. They're like, yeah, well, we get it right. I mean, you need the kid's address and the parents email, and you probably want the Guardian1 Guardian2 cell phone numbers that you can let them know that picture day is coming. Right. And that since no one can be trusted to use an order form on a paper. And like John Mercado and his smush backpack, you know, how do we. How do we get that link. Well, I think most folks understand now that there's a reason why a photography company, you know, would be requesting PII. Well, it's to fulfill the obligations that we have for making sure that your front office isn't inundated with calls about when Picture day is and how do I order and how do I get this and how do I contact my friendly LifeTouch guy or Galaxy. So number one, pick up the phone. Number two, build the relationship. I think there's a third one that can sometimes be overlooked and unfortunately it's the one here where it's a little bit of a double edged sword is how do our SBOs source and socialize, how do we source and we socialize and then validate the compliance with existing laws that we have now?
I'm not pointing fingers and I'm certainly not, I'm not, I'm certainly not someone that was going to say, well, in New York State we're all over the place, but there are some places where there's disparate knowledge, right, of how we, how we are understanding what the limitations that we have and then are able to apply those lessons in our communities. I think this actually brings up a great point, or I hope it brings up a great point, John, is that one of the beautiful things about being a member of ASBO, right, and ASBO International and some of our, some of our state affiliations is that you can gain access to folks like myself and other amazing business partners, right, that care deeply about keeping our communities and our kids safe. And so what I find is that we don't, we don't have, we just don't have enough ASBO members, John. That's, that's probably what it is, right?
A
We need to get five or six.
B
New ASBO members. That's it. But in seriously though, is keeping abreast of what is, what is current, what is a priority or an urgent consideration that you need to have nowadays to keep your community safer? I find that. And I'm not just, I'm not necessarily saying all SBOs, I'm not saying worldwide, I'm just saying generally speaking, it's possible that we all as a community could have more information, we could have greater access and exposure to what it means to be safe. And I'm so thankful that we have an opportunity to connect, to collaborate, to share at something like what we're going to go down and see in just a few weeks in Nashville is gain that exposure and that togetherness, that we can have greater conversations about what it means to be living out best practices in our communities to serve. To serve our kids and our school leaders and our amazing communities. So those are really my three. You probably wanted one, but here's three for you.
A
No, but those are great and very well said. I want to expand on the last thing you said in terms of just really staying current. What is LifeTouch doing to stay current with these emerging regulations and compliance? I mean, you're all over the place in terms of the. Your presence. So how do you ensure compliance with maybe different and changing regulation?
B
Number one is I love embedding myself within each of the communities that I serve. And you know, just for my. For our amazing SBO listeners here consuming this content, you know, most of. Most of my. My niche community is in the northeastern part of our country. I'm a national member of our. Of our LifeTouch team, but mostly I serve the northeastern corridor of our. Of our country. And so I've made it. One of my goals is to embed in each of our ASBO communities and to learn, you know, there's. There are amazing folks I've met along the way, like Howie Barber as an example from old Rochester.
A
Love Howie.
B
Howie. Love you, Audrey. Up in Canada, there are some amazing folks that are innovators and lead with purposefulness and lead with integrity and lead with compassion and have a mind's eye towards really understanding and imparting their knowledge to their peers, to their colleagues, and to their choices of business partners, too. And so I make it my business to understand, you know, what are kind of the key priorities, the urgent things that you guys are talking about, because I want to be able to socialize that information in turn back with my team so that we can be a better partner for the communities that we serve, too. So there's no question about it. Number one, we want to be understanding of what the law is, and we have a whole legal team that's devoted specifically to understanding, is that we're meeting and exceeding the requirements that those guidelines and that those laws pose for us. But number two, you know, I'm making it my business to be able to engage with our school business officials and our leaders. There's a reason why AASA and NAESP and NASSP and NCEA and National. You got the point.
A
You got all the acronyms right.
B
Organizations choose LifeTouch as their photographer. And the reason is because of that intentionality in meeting and exceeding their priorities and helping them be the very best versions of themselves, too.
A
That's great. Well, you know, Nathan, you're very much in tune with what's going on in the security space? And just working with school districts so closely, so winding down here, can you just. What is the Nathan Pierce trajectory and projection of trends when it comes to just what we're up against with data security and making sure that we're able to not only secure data, but make it accessible and usable for parents and school districts and companies like yourself? What are those trends you see kind of coming down the line?
B
Well, I got to tell you, there are some real really, really cool stuff. And, you know, there's a. There's a term out there that. That people. That people get very scared of and our amazing colleagues and peers in the legal profession. If you talk to Jazz con boy, one of the, you know, the two word phrases that I think probably keeps her up at night is, you know, facial recognition. Right? Oh, my gosh.
A
Yeah. It's a touchy subject, right?
B
Talk about the, you know, the massive gorilla on your back. You know, in terms of the photography space in our industry, you know, there's a real key opportunity for us to be able to harness some of. Some of the benefits of artificial intent, of artificial intelligence. But it's going to be done in the right way, and it has to be significantly consistent, considered, and it has to be rolled out with purpose. And so there are some things that we're considering in terms of our ability to delight our customers and to be able to delight the folks that are, you know, are engaging with the school photography experience. And part of what I mean by that is, you know, I'm always mindful as someone that was a high school and college yearbook editor in chief. Yep. I know.
A
It runs deep, Nathan. It runs deep.
B
Oh, John. You know, they. They kind of say, like, you know, yearbook stuff. It's. It's kind of like the Mafia fight club. You don't talk about fight club, but they kind of stays. Like, once you're in, you're never out. And so from 14 to. However old I am now, you know, I'm in it. So my point in all that, John, is, you know, I keep thinking is, you know, if I were a yearbook. If I were a yearbook editor, if I had a magic wand, wouldn't it be incredible if I could harness some AI and be able to pull images for not just one student during one specific static event, but immediately. Imagine if I could take AI and pull images from an entire student's trajectory, from the entire journey of a student's student life experience, from opening day convocation, or orientation, if you will, all the way through senior year through senior prom, and then ultimately taking the Regents Exam and graduation, all that. Imagine if you could curate that experience by harnessing some of the benefit of generative AI. How special is that? Now we're seeing a little bit of that already, right?
A
I mean, yeah, I was going to say, like, if you have an iPhone. Yeah. It does facial recognition. And it really is quite amazing because, you know, as we were talking offline, we both have children. My son is a little over two. He looks very different from day one than he does, you know, a couple months over two. But that AI knows, right. It's able to assimilate all that data and show that. Yeah, here he is as, like a little tadpole baby, and here he is as a toddler running around, you know, blowing stuff up. But it's amazing just how sophisticated the technology is getting.
B
It's incredible. And even I'm always blown away at just how accurate it can be from recognizing my kids from a very, very early age until where they are at their current age. It's. It's almost a little bit spooky.
A
Yeah.
B
But as a. As a professional photographer in my own right, and as someone that appreciates the joy of what photography can bring to our lives, not just in the scholastic arena, too, but. Or in education, but just in general, it's very exciting to be able to see that photography has just a real unique way to connect us all in a special way. Who, when you walk into a room and we're going to do this in Nashville about a million times. Right. Is when you're catching up with folks you haven't seen in a long time. There are a few things that connect us all, like the power of an image of our kids. Right.
A
Yeah.
B
And so I expect that there's going to be a lot of. Oh, my gosh, look at you. There's going to be a lot of that. But there's something really inherently special about that, is that photography helps us to share emotion and to share the joys of what it means to be human and to celebrate this togetherness that we all share.
A
Well, Nathan, thank you for sitting down with me today and just really sharing what LifeTouch is doing, to be in the forefront of securing student data and also really just making those magic moments with those student photos and being able to curate all of that. So I'm looking forward to. Yeah, I'm looking forward to seeing you in Nashville. Hopefully you have a camera and that laser background for me so I can redo my third grade photo.
B
You know, I know a guy.
A
All right, my friend. It's been such a pleasure. Thank you.
B
Thank you, John.
A
Thank you for tuning in to School Business Insider. Make sure to check back each week for your favorite topics on school business.
School Business Insider: Capturing Moments, Protecting Privacy – LifeTouch’s Data Security Strategies
Introduction
In the September 17, 2024 episode of School Business Insider, host John Brucato delves into the critical subject of data security within school districts. Joining him is Nathan Pierce, National Sales Executive at LifeTouch, a renowned company trusted by educational institutions for over 90 years in capturing and preserving school memories. Beyond photography, LifeTouch is committed to safeguarding student data and privacy. This episode explores LifeTouch’s sophisticated data security measures, the importance of protecting student information, the challenges faced by schools, and best practices for vendor partnerships to ensure data safety.
Importance of Data Security in Schools
John Brucato opens the conversation by highlighting the paramount importance of data security in educational settings, especially when dealing with student information. He underscores the risks associated with third-party data handling and emphasizes the need for schools to ensure that their partners prioritize data protection.
“[...] entrusting that partner has the same intentionality and purposefulness as required by your unique district, but also by the law.” ([07:27])
Nathan Pierce responds by stressing the urgency for school business officials to remain proactive in understanding and implementing data hygiene best practices. He cites recent incidents, such as a district paying $80,000 to restore services after a cyber-attack, illustrating the severe financial and reputational repercussions of data breaches.
“There are a lot of moving parts and pieces. But if you think about how our school districts utilize data and utilize image information, there are so many moving parts and pieces.” ([07:27])
LifeTouch’s Data Security Strategies
Pierce elaborates on LifeTouch’s comprehensive approach to data security, aligning with stringent state laws like New York State Ed Law 2D. He explains the mechanisms LifeTouch employs to ensure secure data transmission and storage, emphasizing the use of secure, encrypted portals and delegate access to manage permissions effectively.
“Our secure encrypted portal meets and exceeds the requirements that Edlaw2d and others have.” ([29:32])
LifeTouch prioritizes the secure handoff of personally identifiable information (PII) and image content, ensuring that data is transmitted through protected channels rather than vulnerable methods like email or unsecured flash drives. Pierce recounts a personal anecdote about discovering an unsecured flash drive, highlighting the potential risks of such practices.
“And so it’s really important for our school business officials to be on the front foot and learning some of the best practices for data hygiene.” ([04:45])
Best Practices for School Vendors and Partnerships
A significant portion of the discussion revolves around best practices for schools when selecting and working with external vendors. Pierce advises schools to:
Avoid Using Email for Sensitive Data: Email is susceptible to phishing and other cyber threats. Instead, use secure, encrypted portals for data transmission.
“Stop using email. And very commonly, and it’s almost to a fault, ask there was a reason why people called me, [...] pick up the phone.” ([46:15])
Build Strong Relationships with Vendors: Establishing trust and maintaining open communication channels ensures that data protection measures are understood and upheld by both parties.
“It’s all about great communication and it’s all about building a relationship that’s predicated on trust.” ([29:32])
Conduct Thorough Audits and Assessments: Schools should regularly audit their partners’ data handling practices to ensure compliance with legal standards and internal policies.
Pierce also emphasizes the importance of role-based access control within LifeTouch’s systems, ensuring that only authorized personnel can access specific layers of data, thereby minimizing the risk of unauthorized access.
“Identify who needs what layer of access for the basic functions that they’re undertaking.” ([29:32])
Challenges and Adaptations in Different School Settings
The conversation addresses the unique challenges faced by rural and urban schools, particularly concerning reliable internet access and technological resources. Pierce acknowledges these disparities and outlines how LifeTouch adapts its services to accommodate varying levels of infrastructure without compromising data security.
“When you lead with that, John, they get it. There are some other parts too. I mean, as I experience more and more...” ([41:18])
Pierce stresses that LifeTouch does not compromise on security, even when working with schools facing technological limitations. Instead, they collaborate closely with each district to find suitable solutions that meet both security requirements and operational capabilities.
Future Trends in School Photography and Data Security
Looking ahead, both Brucato and Pierce discuss emerging trends in technology and their implications for school photography and data security. Pierce highlights the potential of artificial intelligence (AI) and facial recognition in enhancing the photography experience while also bringing forth new security and privacy considerations.
“If I could harness some AI and be able to pull images from an entire student’s trajectory... imagine if you could curate that experience by harnessing some of the benefit of generative AI.” ([56:15])
They acknowledge the advancements in AI, noting both its benefits in streamlining processes and the ethical challenges it poses, particularly regarding facial recognition and data privacy.
“Some of the things that connect us all, like the power of an image of our kids.” ([60:40])
Conclusion
In closing, Brucato and Pierce reiterate the critical balance between capturing cherished school memories and ensuring robust data security. Pierce underscores LifeTouch’s unwavering commitment to protecting student information while fostering memorable experiences through photography. The episode serves as a comprehensive guide for school business officials seeking to navigate the complexities of data security in their partnerships with external vendors.
“Those are really my three.” ([51:41])
John Brucato wraps up by expressing appreciation for Pierce’s insights and looks forward to future collaborations aimed at enhancing both data security and the school photography experience.
“Well, Nathan, thank you for sitting down with me today and just really sharing what LifeTouch is doing...” ([61:01])
Key Takeaways:
This episode of School Business Insider provides invaluable insights into the intersection of school photography and data security, offering actionable strategies for educational institutions to protect their most sensitive information while preserving the moments that define student life.