Whose data is it anyway? #rminhe discussion at #cetis12
An hour ago our #rminhe cluster group presented in one of the parallel sessions on the first day of the JISC CETIS conference. The session was entitled Issues around Using Data to Improve Student Retention and our team from Southampton led a discussion around data ownership and privacy.
We gathered our attendees into 4 groups and posed each group with one of the following questions:
- Who are the stakeholders involved in holding data and what are their rights and responsibilities?
- What directory information should be available to everyone on the University intranet?
- Is it reasonable to data mine the student’s trail? Is it OK to use student data for research?
- Who should have access to which data?
The groups were given 10 minutes to discuss and explore their given topic. The following is from a Google Doc created live during the feedback session at the end.
Is it OK to data mine the student’s trail? Is it OK to use student data for research?
- What does it mean? What is the trail? What is legitimate to look at?
- Student declaration – what does it contain?
- Consent for national data set (given to HEFCE and HESA) and for internal uni use.
- Transparency of that statement determines the degree of confidence of whether you can use it.
- Specific function data might have more particular guidelines around it (e.g. certain student services).
- Research? Depends on the research project and whether the work will be published.
What “directory” information should be available to everyone on the University intranet?
- One view: Everything unless there are specific exceptions.
- Another view: Should ‘everyone’ include students?
- What about photos? Do they need it? They can join discussion groups on VLEs. They can see each other on Facebook if they need it.
- Opt-in clause as contractual between uni and student.
- Would staff be happy to give out all details? (Home address and phone number are out of scope!)
Who are the stakeholders involved with holding the data and what are their rights and responsibilities?
- All of the university have some engagement with holding data.
- Parents or SLC might phone up and say they have a right to data because they are paying for it!
- Contractual obligations.
- Managing students’ expectations.
Who should have access to which data?
- Either personalised data or de-personalised data.
- Whoever legitimately needs the data should have it?
- What makes it legitimate? Should you sell to a third party to a book company?
- “Break the glass” situations may need more information.
- Explicit permission is required.
- Anyone can have properly depersonalised data (if only 3 on course, not so).
- Control of access through contact details. Student might be overwhelmed with information.
- If everyone has access to all data there are situations where you do not need all of the data.
Another question: Should students be able to see their own data? How much can you show them?
And the obligatory photos of the sticky-notes our able volunteers made: