Currently, allowing employees access to the data they need to perform their jobs is a difficult and time-consuming process that frequently ends with less-than-ideal results. Overhauling the permission structure to allow more flexibility would allow schools to tune data access to the way roles function in their environment. I think virtually everyone would benefit from these changes.
Access would be best set by choosing one of the following options: No Access / View Only / Edit, for all data except SSN, sensitive parts of medical data, and date of birth, which should require additional safeguards. Access permissions should be grouped by a set of default employee roles (templates) that cannot be changed, but can be copied and customized. This allows a school the flexibility to create customized employee roles. These customized employee roles allow the adding or removing of the appropriate level of access to data for a role in their school environment.
Data permissions should be sensibly labeled with descriptions and should also include a list of places where the data may be viewed from. This limits the propensity for an error in access assignment.
Additionally, the school should have the ability to show or hide the roles from the employment section of a user's profile. Perhaps this could use the active/inactive style options already available in parts of the product, to avoid clutter in the employment section of the user profile. As an additional safeguard, prevent any custom employee role from being marked inactive until all users have been removed.
Perhaps also include a warning on data combinations that could potentially violate FERPA/HIPAA/COPPA/GDPR/CCPA or some other privacy law.
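The role model requested above can be written down as a small set of enforceable rules. The following is an added sketch, not code from the product: the field names, the `Role` class and the `safeguard_ok` flag (a stand-in for whatever additional safeguard the product would require) are assumptions.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Access(IntEnum):
    NONE = 0   # "No Access"
    VIEW = 1   # "View Only"
    EDIT = 2   # "Edit"

# Data the post says needs additional safeguards (field names are assumed).
SENSITIVE = frozenset({"ssn", "medical_sensitive", "date_of_birth"})

@dataclass
class Role:
    name: str
    grants: dict                      # data field -> Access
    is_template: bool = False         # built-in default roles are read-only
    active: bool = True
    members: set = field(default_factory=set)

    def copy_as(self, new_name):
        """Copy a role into an editable custom role with no members."""
        return Role(new_name, dict(self.grants))

    def set_access(self, data_field, level, safeguard_ok=False):
        if self.is_template:
            raise PermissionError("default templates cannot be changed; copy first")
        # safeguard_ok is a hypothetical hook for the extra approval step.
        if data_field in SENSITIVE and level != Access.NONE and not safeguard_ok:
            raise PermissionError(f"{data_field} requires an additional safeguard")
        self.grants[data_field] = Access(level)

    def deactivate(self):
        if self.members:
            raise ValueError("remove all users before marking the role inactive")
        self.active = False

    def can(self, data_field, needed):
        # Fields not listed on the role default to No Access.
        return self.active and self.grants.get(data_field, Access.NONE) >= needed

def demo():
    """Constructed sample: a default template and a custom role copied from it."""
    teacher = Role("Teacher", {"grades": Access.EDIT, "address": Access.VIEW},
                   is_template=True)
    nurse = teacher.copy_as("School Nurse")
    nurse.set_access("grades", Access.NONE)
    nurse.set_access("medical_sensitive", Access.VIEW, safeguard_ok=True)
    nurse.members.add("jdoe")
    return teacher, nurse
```
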