Which option describes a key data privacy practice in schools?

Protecting student information hinges on handling data securely and restricting who can access it. In schools, a standout practice is to store data securely, limit access to those who need it, collect only what is necessary (data minimization), comply with FERPA and protections for PII, and have clear data-sharing protocols. This approach directly reduces privacy risks: secure storage guards against breaches, restricted access limits exposure to only appropriate staff, data minimization lowers the amount of sensitive information at risk, FERPA/PII compliance ensures legal protection and proper handling, and clear sharing protocols prevent unauthorized disclosures. Sharing data with all staff would broaden access beyond need and increase risk. Keeping data in unsecured folders creates an open door for unauthorized viewing. Eliminating data retention ignores legitimate uses for records, accountability, and compliance. So the combination of secure storage, restricted access, data minimization, FERPA/PII compliance, and clear data-sharing protocols best supports student privacy.