Our Foundation of Privacy
Privacy and the protection of personal and customer information are of paramount importance. Cyberattacks and I.D. theft can alter lives. The privacy and usage of data is appropriately in discussion in nearly every industry. Instructure takes its responsibility of protecting your data seriously. As a technology company, our clients and the students, teachers, and businesses who use our products are valued partners and we are committed to their success. We want to be a leader setting a high bar among technology companies for responsible use and protection of data.
We often get questions about data, privacy, and security. What “data” is, and how it is used, is changing all the time. Instructure continues to learn what this means for our customers, for us, and for businesses and organizations who have data. That’s a good thing, because we’re all in this together—and for the long haul.
First, you need to know about our Foundation of Privacy. Instructure protects personal information and continuously takes measures to keep it safe. Instructure does not sell your personal information, and we will only use your information in connection with your usage of our platform.
What We’ve Done
We have a longstanding practice of undertaking internal privacy assessments of our products and have an appointed Data Protection Officer to oversee our internal “privacy by design” efforts. We routinely conduct exercises in data mapping to ensure we know what personal information we have, where it is kept, and how it is accessed. We’ve built our General Data Protection Regulation (GDPR) compliance efforts on this foundation, including developing procedures to cover all rights individuals have under GDPR.
Instructure is actively involved with industry organizations that share the goal of advancing the protection of your personal information. We worked with the California Educational Technology Professionals Association (CETPA) to help with statewide agreements regarding privacy protections. We have supported and signed the Student Privacy Pledge. We are part of industry working groups like the Future of Privacy Forum, which assembles organizations like ours to advance privacy practices.
Several other industry groups and councils have put together standards for the ethical use of student data that we continue to learn from. A few years ago, a group of educators, scientists, and scholars met at the Asilomar Convention for Learning Research in Higher Education with a goal to put together “a framework to inform decisions about appropriate use of data and technology in learning research for higher education.”
Conclusion: Better Together
Taking all of this into consideration, we will move forward with a growing knowledge of ways that we can make data useful for our customers and the public while still protecting it. To that end, we are engaging government and regulators to ensure that our standards meet and/or exceed the standards in the future privacy landscape, we are continuing to build products and services that will be in compliance with the next privacy regulations, and we are developing processes so that any identified data that will be used in our analytics tools will be de-identified
When used correctly, data can help people and institutions make better-informed decisions. Instructure wants to be part of the larger data privacy conversation so that we can grow and learn at the same time. We will continue to gain, and then share, insights with the larger education community on how to utilize data appropriately. We want to help drive this evolving space and it requires conversation.
Like other projects, protecting data and your personal information needs to be done as a team. We want to work with you so we can learn from each other. That way, we can face and understand more about these ever-evolving challenges, together.
Chief Legal Officer, Instructure