Andy Ross of the Killeen Daily Herald had some additional information on the Killeen ISD data breach reported earlier this week:
KISD spokeswoman Leslie Gilmore confirmed on Tuesday that documents containing Social Security numbers and other student information were found Sunday evening near Old FM 440 and Stan Schlueter Loop in Killeen.
[…]
Gilmore said the school district has only seen a classroom textbook list that contained Social Security numbers next to names of students. She said the school district stopped using Social Security numbers in 2008 as a means to identify students.
Gilmore said the district has no specific policy on shredding documents, but all KISD employees are given a handbook each year that outlines the expectations regarding student/employee personal information remaining confidential.
The school district has asked the Killeen Police Department for help in determining the “hows and whys” of the incident, Gilmore said.
The district has no policy on the secure disposal of student records that are supposed to be protected by FERPA? And Texas has no law on secure disposal of paper records containing sensitive information?
What is so very wrong with this picture?