An Intro to FERPA and Tableau Platform Considerations: Part 2 – Tableau Public and FERPA Compliance Risk Scenarios
In this second in a series of posts on the intersection of the Family Educational Rights and Privacy Act (FERPA) and Tableau we’ll look at the scenario of publishing a public facing institutional factbook dashboard and point out the hazards to avoid. For an introductory overview of FERPA, see the previous post on this topic.
Let’s Talk About Tableau Public
From a licensing and access standpoint, Tableau Public offers a low-cost and broad delivery solution. Tableau Public allows Tableau users to publish and share their dashboards with anyone who has an internet connection – think YouTube for Tableau Vizzes.
While this is an exciting prospect for institutions seeking budget-saving options to host external facing content, there are significant trade-offs and specific terms of service to be aware with a Tableau Public solution. For instance, when using Tableau Public:
- Governance and protection of data protected by FERPA (or other regulations) can be inadvertently placed at risk by a publisher and is the publisher’s responsibility,
- Service availability is not guaranteed (provided “as is” and “as available”),
- Management of multiple dashboards and dashboard authors is administratively complex, error-prone, and time-consuming, and
- Updating of content or underlying data is generally a manual process.
Regardless of these significant limitations Tableau Public is employed for institutional factbook use-cases in higher education (for a visual example of configurations, see Models 1 and 2 on this post). Accordingly, we’ll examine the topic Tableau Public further to identify what can go right or wrong, with a particular eye to FERPA guidelines, so you can be informed in your external facing content decisions.
When Good Intentions Go Terribly Wrong with Tableau Public
In a nightmare scenario, let’s consider the well-intentioned institutional research analyst, “James”. James is assigned responsibility for compiling and publishing the annual enrollment factbook for his institution.
James is a motivated and ambitious new employee. Since starting, he has been diligently improving his Tableau Desktop developer skills. James recently impressed his IR director, Ellen, with an enrollment visualization produced in Tableau to replace the institution’s current static factbook graphic; Tableau Desktop allowed him to create the interactive enrollment dashboard using data from his institution’s password protected data warehouse he can access.
Next, here’s what James has been able to put together in Tableau Desktop:
James’ dashboard is a major improvement — visually and functionally — over the current posted screenshot of Excel charts. The legacy Excel approach requires significant time to manually recompute underlying data and back-and-forth emailing with the Communications office to update each semester.
Ellen, the institutional research office’s director – a more experienced Tableau user with growing leadership responsibilities – is very pleased James shares her Tableau enthusiasm! In advance of an upcoming cabinet meeting, she asks James to explore the options the institution has for publishing his new Tableau dashboard to the institution’s factbook website. She would like to showcase James’ work at the meeting. Ellen also sees this as an opportunity to discuss her vision of modernizing the institution’s public facing analytics on a broad scale. She sees ready potential for dashboards reporting on community events, conference service venues, and athletic programming statistics to differentiate the institution’s data-driven standing among institutional peers.
James is encouraged. He’s heard from graduate school colleagues at other institutions that Tableau Public is an easy and free way to host a Tableau viz. He signs himself up for a Tableau Public account and in minutes has published his dashboard up for the world to view.
James sends Ellen a link to the published enrollment viz. Now, they just need to contact the communications office to place the embed link into their factbook page – no more back-and-forth hassle to update the visuals each semester. Best of all, they can have this all up and running well before the cabinet meeting, maybe even by tomorrow!
Fortunately, before approving James’s request to contact the Communications office, Ellen decides to take a close look at the Tableau Public link to ensure James hasn’t overlooked any FERPA concerns — it’s a good thing that she does.
PII at Risk
Ellen sees that the new enrollment viz initially displays only aggregate figures and no Personally Identifiable Information (PII) — such as student names or student ids. But, she quickly finds a major problem: all of the PII information is still readily accessible by selecting a mark and clicking on the “View Data” icon. Ellen is able to see all of the underlying records that generate the aggregations, a clear violation of the mandate to restrict access to students’ personal information!
Furthermore, in his haste to publish, James did not restrict the ability for other users to download the full Tableau workbook and data he published to Tableau Public. Anyone who stumbles across James’ Tableau Public profile has access to the last 3 years of student enrollment information from the institution, including names, birthdates, addresses, and locations of origin. This is a major problem.
Ellen drops everything and calls James to inform him of the situation. She directs him to immediately delete the workbook from his Tableau Public profile. Her head spins through the list of people that she needs to alert to this compliance breach: how will she reschedule the rest of her week to address this on top of the upcoming cabinet meeting?
What went wrong?
How could this happen? The proper data governance protocols seem to be in place to limit access to education records to individuals who have a “legitimate educational interest”, such as James. However, James misunderstood some basic mechanics of connecting to data sources, creating Tableau vizzes, and the inherent risks of quickly publishing to Tableau Public. In effect, by publishing up his factbook to Tableau Public, James shared his restricted access to the institution’s education records with the world.
In the next post on the topic, we’ll take a look at a similar use-case but with a more positive outcome following proper consideration procedures. We’ll also touch on options beyond Tableau Public, which make for far more robust external facing solutions.
Tableau Software, (2021). Tableau Public Terms of Service. Retrieved January 4, 2021 from https://www.tableau.com/tos.