When most K12 leaders hear the word “paperless” they probably think of sustainability and “going green.” But they should also consider how going fully digital will make student records and other data more secure, says Beverly Miller, assistant director of schools and chief technology officer for Greeneville City Schools in Tennessee.
She encourages her fellow district CIOs and CTOs to begin moving their school systems into a future without paper. “Paper records, stored in one location, in a non-environmentally controlled warehouse, for instance, are much more at risk than digital records secured by digital passwords,” Miller asserts. “People hang onto the thought that, if I have something in a filing cabinet, I can always get to it.”
But what those hypothetical school personnel may not be thinking about are unexpected situations such as fires and other natural disasters; they may also not fully understand the concept of a data breach. File cabinets can be broken into just as databases can be hacked, and hard-copy documents left on a fax or copy machine can easily be stolen, she notes.
Greeneville City Schools has made several aspects of their administration paperless, including personnel files and the sharing of transcripts when students transfer in and out of the district. Colleges and potential employers can also use a portal to access a student’s digital transcripts. The transcripts themselves are stored in the district’s ScribOnline cloud archive. Greeneville City is logging all current and future data digitally at the same time staff are also digitizing historical records.
Going paperless was a multi-stage process, starting with convincing other district leaders of the security benefits and other reasons to make the shift. “If you have information stored digitally, one keyword search shows me all of the instances,” she says. “You don’t have to worry about in which file cabinet or in which building it resides.”
What you need to go paperless
The security of digital records, of course, relies solely on the security practices of the staff members and users who manage and have access to the information. This group includes students, their families and other members of the community. “There is no cybersecurity mitigation or prevention tool that is greater or stronger than the person sitting in the chair touching the keyboard,” Miller points out.
When training district staff in cybersecurity, she tries to make the risks personal. For instance, she encourages people not to carry their social security cards in their wallets. She also informs people who don’t think they use computers very often that they are interacting with technology—and the associated risks—when pumping gas or checking out at the supermarket. And she urges staff and students to protect the “golden three”—their full legal name, date of birth and social security number.
“When you get on an airplane, the flight attendant tells you that if the cabin loses pressure and the oxygen masks drop, you should put yours on before helping others,” Miller adds. “Cybersecurity works the same way.”
It all starts with passwords and getting staff and students not to use the same password on multiple sites or applications. Another key is keeping technology up to date. Greenville City’s teachers get new laptops every three years, and the software installed allows IT staff to install critical security patches without waiting for the user’s approval.
Miller, herself, plans to leave no paper trail behind when she retires at the end of this school year. “All my work to help the next person will be accessible through a query, a keyword search in a dynamic database,” she concludes. “That sets our organization up for a more secure environment and will also make them more productive and more effective.”