The Moment That Changed Everything 

The American School in Japan (ASIJ) thought they had a good handle on their data — tight permissions in Veracross, documented policies, parent consents, and annual security trainings. Then a student emailed the Head of School: their name was wrong in the yearbook. 

There was a mismatch between the identity a student used at school and the name that made its way into downstream systems and print workflows. That one message triggered a year-long, cross-functional review led by Josh Raub, Manager of IT Services at ASIJ. This project reshaped how the school treats names, updates processes, and socializes policy across the community. 

The lesson for tech leaders: being compliant isn’t the same as being a steward. Stewardship is about protecting people and honoring their identity in every system your school touches. 

 

From Compliance to Stewardship 

Compliance asks, “Are we meeting the letter of the law?” Stewardship adds, “Are we protecting and representing our community accurately, respectfully, and consistently?” 

For schools, that means: 

  • Treating data as students’ and families’ identity, not institutional property 
  • Designing policies people can actually follow — and auditing that they do 
  • Preventing “spreadsheet sprawl” and shadow systems that quietly drift from your source of truth creating difficulties in managing and monitoring data 
  • Anticipating edge cases (divorce, passports vs. preferred names, high-risk students, transliteration, etc.) and making them easy to handle by design 

 

ASIJ’s Names Project (what changed and why it worked) 

The Problem
Multiple systems and exports were inconsistent about which “name” field they used (first vs. preferred). Well-intentioned staff created personal spreadsheets to solve edge cases for yearbooks, transcripts, photographers, and rosters – which introduced room for error. 

The Process
IT partnered with Communications and Safeguarding, then interviewed the people most impacted (e.g., LGBTQ+ students, high-risk families, international passports). They used a “design to the edges” approach: solve for the 5% of complex scenarios, so the solution works for 100%. 

The Policy Decision
ASIJ redefined the First Name field to mean “the name aligning to the person’s identity used at school.” 

  • Legal name is still collected and protected, but stored in a separate field (e.g., Veracross “Other/Local Name”) that is not pulled by default into documents and reports. 
  • Default outputs (like report cards) use First Name; families can request legal-name versions when needed (e.g., government paperwork, transfers). 

Why it Succeeded 

  • Reduced ambiguity: one canonical name for everyday school life. 
  • Less manual work: dramatically fewer one-off fixes. 
  • Better accuracy: legal names were actually more complete after the change. 
  • Clear training & guardrails: staff stopped keeping private lists “just in case.” 

 

The Importance of People and Process 

Even the best SIS can’t fix culture on its own. What ASIJ surfaced (and what most schools share): 

  • Shadow data is your enemy. If people export to sheets “to be safe,” your single source of truth isn’t single. 
  • Intent matters. Policies must explain why—not just what. When staff understand purpose, they stop over-tightening on their own. 
  • Train to outcomes. “Use the SIS” isn’t enough. Show how specific workflows (yearbook, transcripts, photos, athletics) pull fields, and where mistakes happen. 

Minimal Viable Controls 

  • Make SIS → Everything your default pattern. Ban “hand-kept” name lists. 
  • Create a Names owner (not just IT—loop in Communications & Safeguarding). 
  • Publish workflow maps (e.g., how names flow to photographers, LMS, athletic systems). 
  • Quarterly spot checks of high-risk outputs (yearbook proofs, transcript templates, bulk emails). 
  • Annual policy review (tie updates to real incidents and retrain). 

 

Vendor Vetting (without grinding innovation to a halt) 

Once you’ve strengthened your internal data practices, the next challenge is what happens outside your walls. Every new app, plug-in, or “free” service a teacher tries adds another doorway into your school’s data ecosystem. 

Independent and private schools thrive on innovation — teachers are creative, resourceful, and always looking for tools that enhance learning. That spirit should be encouraged, not stifled. But without a structured process for evaluating new tools, it’s easy for good intentions to create hidden risks: student data scattered across third-party systems, inconsistent permissions, or vague privacy terms no one has time to read. 

The goal isn’t to slow innovation down — it’s to channel it safely. A thoughtful vetting process gives teachers freedom to explore while protecting the community’s trust and ensuring compliance. When educators see that the review process helps and doesn’t hinder them, they’re more likely to participate early instead of work around IT later. 

A Pragmatic Vetting Flow 

  1. Start with purpose: Before reviewing any terms or privacy policies, ask: Does this tool actually support a curricular or operational goal? If not, stop here. 
  2. Identity and access: Prefer vendors that support single sign-on (Google or Microsoft), granular permissions, and separate environments for student data. 
  3. Data handling: Require a clear privacy notice outlining data retention, deletion timelines, and third-party subprocessors. Avoid any service that claims ownership of your users’ data. 
  4. Contractual guardrails: For tools involving student information, ensure written agreements (DPAs, SCCs, or equivalents) define how data is stored, used, and destroyed—and prohibit resale or secondary use. 
  5. Independent validation: Favor vendors who have completed third-party privacy or security assessments and are willing to share the results. 
  6. Lifecycle management: Keep a central record of every approved vendor, including purpose, data type, and renewal date. Have an exit plan for exporting or deleting data if the service ends or changes hands. 

Change Management Tips 

  • Configure your domain to require approval for new third-party OAuth apps. Customize the denial message to invite collaboration:
    “We’re excited you found this — submit a quick intake form and we’ll help review it.” 
  • Publish an Application Library listing approved tools, their purpose, and any data considerations so teachers can explore safely and confidently. 
  • Provide quarterly refreshers for department heads and curriculum leads so vetting becomes a habit, not an afterthought. 

 

Closing Thought 

“Who owns my data?” is the wrong first question. The right one is, “How do we steward our community’s identity with care, precision, and dignity? Start with names. Build the habits. Then extend that same stewardship to AI, vendors, and every system that touches your school. The payoff isn’t just fewer mistakes — it’s trust. 

To dive deeper into ASIJ’s journey, you can watch the full webinar recording here.