Student Privacy & K-12 Data Governance


OPI Data Governance Committee - The OPI Data Governance Committee establishes and enforces policies related to the collection, access, use and dissemination of all information and data at the OPI, including student information. 

OPI Student Records Confidentiality Policy - All student information and data published by the OPI follows the OPI’s Student Records Confidentiality Policy, which prohibits the OPI from disclosing data from student groups that are 5 or fewer in number or would otherwise reveal the identity of an individual student.  Montana has many small schools and small sub-group populations where an individual student’s identity could be revealed without this safeguard. In places where data has been suppressed to protect student privacy, you will see an asterisk ( * ) instead.

OPI Student Records Confidentiality Training

Decorative Image

Family Educational Rights and Privacy Act (FERPA) -  Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

Parent's Guide to the Family Educational Rights and Privacy Act: Rights Regarding Children’s Education Records

Parent's Guide for Understanding K-12 School Data Breaches

Transparency And Public Availability Of Public School Performance Data -- Reporting -- Availability For Timely Use To Improve Instruction (20-7-104, MCA) - The State of Montana law specifies what student data may be collected and how it can be shared and disseminated.

Student Records Confidentiality Policy

Data Governance

The Office of Public Instruction (OPI) is required to collect and report specific data elements to the USED in order to support planning, policy-making, and management/budget decision-making at the federal level. The OPI has a standard to: 

  1. not collect any data we are not required to report
  2. reduce as much burden or redundancy as possible on the schools and districts who submit data
  3. promote transparency about the results of the data to our wide range of stakeholders.

Data collected by the OPI can be found in our GEMS Data Warehouse. For more information about data being reported to the USED, visit the US EDFacts Initiative page.

Data Governance Manual

OPI Data Governance Committee

The mission of the OPI Data Governance Committee (DGC) is to establish and enforce policies related to agency data collection, management, and reporting.

Guiding Principles:

  • Ethics and security will be a part of every decision the group makes.
  • Members have the authority and commitment to make policy recommendations and decisions.
  • Members will bear in mind legal considerations, including Family Educational Rights and Privacy Act (FERPA), when making decisions.
  • Data quality will be considered when making decisions.

The OPI Data Governance Committee is made up of Data Owners and others at OPI with a high level of responsibility regarding data. Each data element that is collected and reported on is assigned a Data Owner. The Data Owner is responsible for defining how data is defined, collected, quality assured and reported, as well as provides guidance around how to use it appropriately.

Data Governance Committee Charter


Core Data Stewards Committee

The Core Data Stewards Committee is made up of staff throughout the agency who have been designated by a Data Owner as a Data Steward to carry out day-to-day responsibilities, actions, and management regarding the data within their area of responsibility. The Core Data Stewards Committee is a collaboration of OPI Data Stewards and is managed and coordinated by the OPI Data Governance Facilitator.

  • Data Stewards
    These individuals manage data elements at various points of the data lifecycle. They act on behalf of the owner to carry out certain responsibilities related to program data elements/categories (in accordance with the business and technical rules set forth for that data element). Data stewards are a subset of Data Owners; In most cases, data are “owned” by senior business leads that have the authority for sensitive data, and those owners will delegate their rights to stewards for managing the data.
  • Data Owner
    For each data element that is collected by the OPI and reported to the USED, a Data Owner will be assigned. The Data Owner is responsible for defining how data is defined, collected (working with Data Governance and Core Data Stewards Committees) and quality assured and reported, and guidance around how it is used appropriately.

For more information, E-Mail: Jamey Ereth, Data Governance Manager at

Resources for Districts

Montana Student Privacy Alliance - The 2019 Legislature passed the Online Protections for Pupils (20-7-1325, MCA) and Pupil Records -- Online Privacy Protection (20-7-1326, MCA) laws to further protect the privacy of Montana students.  The Montana Educational Technologist Association (META) and Office of Public Instruction have collaboratively developed the Montana Student Privacy Alliance as a resource for districts to find and share terms of service, agreements and contracts.


TrustEd Apps - The TrustEd Apps program is a process developed by the non-profit learning consortium Global IMS to vet applications and certify them for data privacy.  Most educational applications are created and managed by vendors who do their best to protect the identity of the individuals accessing the system and the data that they generate. However, a comprehensive review of student privacy, data security, and other safety issues is the responsibility of the school or district to ensure that appropriate safeguards of student data are in place. Using vetted educational applications can provide additional assurance that the information gathered by these educational applications is being used responsibly.


Checklist for Developing a School District Privacy Program


Student Privacy Toolkit - From the Student Privacy Forum, this toolkit provides information about how schools and districts use and protect student data, but also provides guidance on how to communicate with students about being responsible digital citizens and protecting themselves online.


US Department of Education K-12 and Higher Education Data Security Page - This page is a portal to guidance and best practice resources for the educational community to use to enhance the security of their information systems. 

  • Join the US Department of Education Student Privacy Listserve to be informed about updates and new information.

OPI Staff are here to help:

Chris Sinrud, Chief Information Officer, 406-444-4451

Jamey Ereth, Data Governance Manager, 406-444-4409

Harlan Reidmohr, Data Control Specialist, 406-444-7490

Meet the Data Governance Team

K-12 Data Task Force