3 billion affected, $350 million lost. 148 million records affected, $800 million lost. Class Action Lawsuits. Damaged reputations, fines, and troubles, oh my! These are just some of the figures pulled from the last decade’s data scandals, and that doesn’t even scratch the surface. Imagine if your organisation was hacked and all of your student’s data was compromised. The headlines alone are probably enough to make your head spin.
You aren’t alone in feeling unsettled. “Big Data” is synonymous with the boogie man these days. Concerns are growing more than ever surrounding what data is being collected, and more sinisterly, who it’s being sold to and how it’s being used. It’s safe to assume that when it comes to collecting online data, not everyone has the user’s best interests at heart. With cybercrime on the rise, the need to protect your data is at an all-time high.
Big data analytics offers incredible opportunities in e-assessment: from creating better exams and supporting at-risk students to making customised learning and assessment experiences possible. But how can we balance these opportunities with the clear and important need for data protection?
Big Data is not a new thing
Companies have always been collecting data on their customers, even before the dawn of the internet. In the ’80s and ’90s, consumer data collection was seen as a largely good thing, as stores and cafes would use the information to improve the customer experience and build excellent customer rapport by knowing their customers so well that they anticipate their needs and make suggestions based on previous orders. Your typical “the bartender knows my order” experience where you feel like your local pub or cafe is your own living room. Online data collection is no different.
For the most part, data collection was well-received and made consumers feel appreciated, listened to, and valued, which in turn helped nurture the relationship between customers and corporations. As you might have guessed, this symbiotic relationship facilitated the ramping up of data collection, and there are no signs of stopping any time soon.
Today, people are much more aware of data privacy and are increasingly feeling that it’s gotten far too intrusive. At best, Google starts targeting you with oddly specific ads, and at worst, sensitive data leaks might spell disaster for reputations and public trust.
What does this mean for online exam platforms?
There are several points during the e-assessment process that require user data: From signing up to the online exam platform to creating marker profiles and allowing proctors access to test taker devices so they can monitor their online exams. The data e-assessment platforms collect is critical to creating better exams, but how? And how are they ensuring that your privacy is kept safe? Read on:
Data powers learning analytics
Learning analytics within assessment tools in education is much more than a tool; it is a process that can span many diverse approaches to help improve exam outcomes. Learning analytics focuses on providing actionable information that can improve the entire learning and testing process. Using this data can prove incredibly powerful for your organisation, when applied in a meaningful way. It improves the training of employees, the learning and assessment of students, and transforms formative testing overall. So why is this important, and what can you do with this data?
Access Learning Behavior
Accessing and collecting learning data is nothing new, as learning and assessment professionals have been doing so for quite some time. An example of some of the information collected is:
- Number + timeframe of training completions
- Assessment scores
- Who is taking the exam or training program, whether it be an individual or a team
Learning analytics can collect user-generated data from learning and testing activities and offer trends in e-assessment engagement. Analysing those trends can reveal students’ testing behaviour and identify their assessment styles. This approach measures engagement and student behaviour rather than performance, giving instructors insight into how their students interact with their exams.
Improve testing materials & tools
Analytics can track a student’s usage of learning materials and tools to identify potential issues or gaps and offer an objective evaluation of testing materials and tools. This allows instructors to make deliberate decisions about modifying approaches. Using aggregate student data, instructors can see ways to improve the testing process or the structure of their exams.
Adaptive or individualised testing systems and assessment tools in education apply learning analytics to customise course content for each learner. Furthermore, user profiles and other data sets can be collected and analysed to offer greater personalised testing experiences. This approach uses continuous feedback to help individual students in their exam environment.
With an enhanced and quantitative understanding of what your learners know and what they do not know, training teams and instructors can customise learning experiences and long-term retention. For example, if a test-taker is taking longer than normal to complete a lesson or an answer, they can be given additional resources that would help them, based on their individual, unique learning style. Conversely, advanced students that fly through a training, could be given more complex material to challenge them and expand their knowledge.
Predict performance and help at-risk students
By using existing data about learning engagement and performance, learning analytics can also apply statistical models and machine learning techniques to predict later performance. If an individual performs poorly on an assessment or has a history of answering industry or job related items incorrectly, it’s usually a sign they need some additional support. Learning analytics can identify likely at-risk students for targeted support. The focus here is on using data to prompt the instructor to take immediate action to intervene and help a student course correct before it is too late.
In corporate training, learning analytics can be especially helpful. Not only can it indicate poor-performers who need additional help, it also identifies high performers that may be able to offer help to their teammates.
Using data to save money
Don’t be shy, we know you want to see fewer dollar signs deducted from your account every month. Training and testing employees and students is one of the mostly costly events, and without the right data, your organisation may not even know how effective it truly is. A staggering thought.
Learning analytics, though, improves overall efficiency and long-term cost savings.
If you know, through data, that learners already understand a topic, it is not a value-add of your time to continue to train on that topic, or assess them heavily in that particular area. Alternatively, you can create targeted exams for other learners, new hires or those that require foundational review and “refresher” programs for those that already understand the topic.
The cost of an effective and measurable training, learning, and assessment program likely will significantly outweigh the costs of potential incidences, immediately proving the value of your program. Time is money, and learning and assessment data saves a ton of time.
But what if all this data falls into the wrong hands?
Okay, we’ve sung data’s praises, but there’s always the fear that it’ll fall into the wrong hands with data breaches, hackers, or companies with less-than-ethical intentions. If you’re collecting student and employee data, you’d better make sure you can walk the walk in keeping it safe. There’s a number of protections in place, some legal requirements, and some additional optional options to keep an eye out for:
Many astute organisations use their GDPR compliance responsibilities to take a hard look at how well they’re managing customer and client data storage, processing and management responsibilities. By protecting consumers’ privacy, organisations not only avoid potential penalties, but they can also unlock hidden reputational and brand value. Even if it’s compulsory, the dedication and pride behind following the GDPR guidelines signals to those watching that you pride yourself on maintaining privacy and protecting your customers’ most sensitive data.
Privacy is the key to trust. The last thing you want to convey is that you play loose and fast with data. At best you’re labelled sloppy, and at worst, underhanded and shady.
ISO 27001:2013 certification
ISO 27001:2013 is an international security standard that governs best practices for how organisations manage their data. It is a voluntary standard, but companies that seek this certification commit to upholding strict guidelines on keeping sensitive information safe and secure at all levels of their organisation. It is currently the gold standard for information security and goes a long way towards ensuring both exam integrity and data privacy.
Other general security measures that signal that an organisations takes its data security seriously include:
- They offer military-grade encryption of Data at Rest and in Transit. That means that both data that is stored on the e-assessment platform (Data at Rest) and data that is moving from network to network or cloud to network (Data in Transit) is protected from prying eyes.
- They run regular penetration tests that simulate cyber attacks against the system to thoroughly test the system’s defences.
Role-based access control
People tend to be the weak link in data security. This means that the more you can restrict access to content, the more you reduce the chances of a data leak. This is where role-based access control (RBAC) comes in. This compelling feature lets you restrict system access based on a user’s role and responsibilities within the organisation.
A secure e-assessment platform will let you assign different permissions levels to different users so that they have access only to the data they need to perform their jobs. For example, you can:
- Share your item bank with external item developers, but restrict their access to those topics and items they are actively working on;
- Divide the marking workload safely by giving internal and external markers only access to certain items;
- Let some individuals create or modify files while providing others with viewing permission only, and so on.
RBAC can help you keep track of all the roles in your organisation while keeping even the most sensitive information private.This is especially powerful in combination with an audit trail. Basically, an audit trail lets admins see which user changed (edited, deleted, exported) what item, when. This feature obviously helps uncover data leak culprits, but more importantly, it has a significant preventive impact as well.
Data collection comes with its fair share of criticism. However, when organisations take the necessary precautions to protect the data from those with nefarious intentions, it has incredible potential to create a better learning and assessment experience.
Curious about how we use data for awesomeness? Sign up here for a demo!
Cirrus achieved ISO-27001:2013 certification for the hosting, development, maintenance and service in 2022.