Questions to ask before you upload student data to any platform
Print this page and bring it to your next vendor demo. Every question links to a plain-language explainer on why it matters.
- How is student data "de-identified," and could a small-town cellist still be recognized in it? why "de-identified" data can still identify a student
- The policy says they never sell data. How does it define "sell"? what "we never sell your data" does and does not cover
- If the company is acquired or goes under, what happens to your students' records? what happens to student data in an acquisition or bankruptcy
- Is anything your students write used to train AI models, and is that default-on? how to spot an AI training clause in the policy
- Are you assuming FERPA protects this data? For your practice, it probably does not. why FERPA probably does not cover your practice
- They have a SOC 2 report. Do you know what it covers, and what it never can? what a SOC 2 report proves about student data (and what it cannot)
- When you delete a student's record, is it deleted, or de-identified and kept? how "delete" can quietly mean "de-identify and keep"
- The platform is free. What is the business model? how free edtech platforms make money from student data
- Could an "aggregate" report about a group as small as your caseload identify one student? why small-group "aggregate" reports are not anonymous
beforeyouupload.org ยท free, vendor-neutral, no affiliation with any platform