Frank Wiley of KSDK recently reported:
The curriculum is the least of parents’ worries in the Riverview Gardens School District.
Sensitive information was tossed aside for anyone to grab papers were filled with student’s phone numbers, ages, pictures and even Social Security numbers.
[…]
The district says it didn’t know this was happening. The director of safety and security, this will be “looked into.”
So… what duty is there to notify affected students’ parents under FERPA, the federal law protecting the privacy of education records? Oh, that’s right, there is no such requirement.
And what duty is there to notify about breaches involving such paper records under Missouri state law? None, you say?
And which of the many proposed federal data breach notification laws address notification of breaches involving such paper records? None?
C’mon Congress…. we need a federal floor on notification of breaches that doesn’t ignore the risk of paper records getting into the wrong hands.
Hey are we all going to sit back and let this website be the only voice about paper breaches? Let’s back them up and all holler to our legislators