School Business Insider: Capturing Moments, Protecting Privacy – LifeTouch’s Data Security Strategies

Introduction

In the September 17, 2024 episode of School Business Insider, host John Brucato delves into the critical subject of data security within school districts. Joining him is Nathan Pierce, National Sales Executive at LifeTouch, a renowned company trusted by educational institutions for over 90 years in capturing and preserving school memories. Beyond photography, LifeTouch is committed to safeguarding student data and privacy. This episode explores LifeTouch’s sophisticated data security measures, the importance of protecting student information, the challenges faced by schools, and best practices for vendor partnerships to ensure data safety.

Importance of Data Security in Schools

John Brucato opens the conversation by highlighting the paramount importance of data security in educational settings, especially when dealing with student information. He underscores the risks associated with third-party data handling and emphasizes the need for schools to ensure that their partners prioritize data protection.

“[...] entrusting that partner has the same intentionality and purposefulness as required by your unique district, but also by the law.” ([07:27])

Nathan Pierce responds by stressing the urgency for school business officials to remain proactive in understanding and implementing data hygiene best practices. He cites recent incidents, such as a district paying $80,000 to restore services after a cyber-attack, illustrating the severe financial and reputational repercussions of data breaches.

“There are a lot of moving parts and pieces. But if you think about how our school districts utilize data and utilize image information, there are so many moving parts and pieces.” ([07:27])

LifeTouch’s Data Security Strategies

Pierce elaborates on LifeTouch’s comprehensive approach to data security, aligning with stringent state laws like New York State Ed Law 2D. He explains the mechanisms LifeTouch employs to ensure secure data transmission and storage, emphasizing the use of secure, encrypted portals and delegate access to manage permissions effectively.

“Our secure encrypted portal meets and exceeds the requirements that Edlaw2d and others have.” ([29:32])

LifeTouch prioritizes the secure handoff of personally identifiable information (PII) and image content, ensuring that data is transmitted through protected channels rather than vulnerable methods like email or unsecured flash drives. Pierce recounts a personal anecdote about discovering an unsecured flash drive, highlighting the potential risks of such practices.

“And so it’s really important for our school business officials to be on the front foot and learning some of the best practices for data hygiene.” ([04:45])

Best Practices for School Vendors and Partnerships

A significant portion of the discussion revolves around best practices for schools when selecting and working with external vendors. Pierce advises schools to:

1. Avoid Using Email for Sensitive Data: Email is susceptible to phishing and other cyber threats. Instead, use secure, encrypted portals for data transmission.

   “Stop using email. And very commonly, and it’s almost to a fault, ask there was a reason why people called me, [...] pick up the phone.” ([46:15])

2. Build Strong Relationships with Vendors: Establishing trust and maintaining open communication channels ensures that data protection measures are understood and upheld by both parties.

   “It’s all about great communication and it’s all about building a relationship that’s predicated on trust.” ([29:32])

3. Conduct Thorough Audits and Assessments: Schools should regularly audit their partners’ data handling practices to ensure compliance with legal standards and internal policies.

Pierce also emphasizes the importance of role-based access control within LifeTouch’s systems, ensuring that only authorized personnel can access specific layers of data, thereby minimizing the risk of unauthorized access.

“Identify who needs what layer of access for the basic functions that they’re undertaking.” ([29:32])

Challenges and Adaptations in Different School Settings

The conversation addresses the unique challenges faced by rural and urban schools, particularly concerning reliable internet access and technological resources. Pierce acknowledges these disparities and outlines how LifeTouch adapts its services to accommodate varying levels of infrastructure without compromising data security.

“When you lead with that, John, they get it. There are some other parts too. I mean, as I experience more and more...” ([41:18])

Pierce stresses that LifeTouch does not compromise on security, even when working with schools facing technological limitations. Instead, they collaborate closely with each district to find suitable solutions that meet both security requirements and operational capabilities.

Future Trends in School Photography and Data Security

Looking ahead, both Brucato and Pierce discuss emerging trends in technology and their implications for school photography and data security. Pierce highlights the potential of artificial intelligence (AI) and facial recognition in enhancing the photography experience while also bringing forth new security and privacy considerations.

“If I could harness some AI and be able to pull images from an entire student’s trajectory... imagine if you could curate that experience by harnessing some of the benefit of generative AI.” ([56:15])

They acknowledge the advancements in AI, noting both its benefits in streamlining processes and the ethical challenges it poses, particularly regarding facial recognition and data privacy.

“Some of the things that connect us all, like the power of an image of our kids.” ([60:40])

Conclusion

In closing, Brucato and Pierce reiterate the critical balance between capturing cherished school memories and ensuring robust data security. Pierce underscores LifeTouch’s unwavering commitment to protecting student information while fostering memorable experiences through photography. The episode serves as a comprehensive guide for school business officials seeking to navigate the complexities of data security in their partnerships with external vendors.

“Those are really my three.” ([51:41])

John Brucato wraps up by expressing appreciation for Pierce’s insights and looks forward to future collaborations aimed at enhancing both data security and the school photography experience.

“Well, Nathan, thank you for sitting down with me today and just really sharing what LifeTouch is doing...” ([61:01])

Key Takeaways:

• Data Security is Paramount: Schools must prioritize safeguarding student data, especially when working with external vendors.
• Secure Data Transmission: Avoid using email for sensitive information; utilize encrypted portals and secure methods.
• Build Trusting Relationships: Open communication and trust between schools and vendors are essential for effective data protection.
• Adapt to Technological Challenges: Tailor data security strategies to accommodate varying levels of technological infrastructure across different school settings.
• Stay Ahead with Emerging Technologies: Embrace advancements like AI responsibly, balancing innovation with ethical considerations in data privacy.

This episode of School Business Insider provides invaluable insights into the intersection of school photography and data security, offering actionable strategies for educational institutions to protect their most sensitive information while preserving the moments that define student life.