Rebecca Gross reports: On Jan. 25, 50 students and 35 faculty and staff members within the Department of Health Services received an email with a spreadsheet that contained personally identifiable information (PII) of more than 9,000 people. Amy Hagopian, associate professor in Health Services at the UW, unintentionally sent the email containing the spreadsheet to…
Category: Education Sector
Delaware Valley School District reviews data breach prevention
This is somewhat encouraging to read. Katie Collins reports: A few policies currently in place that are being studied and possibly updated was the focus of the Delaware Valley School District’s February workshop. The Director of Curriculum and Technology Dr. Gina Vives reported that the greatest change amongst the policies was that of the “data…
St. Louis Community College investigating possible student data breach
KMOV reports: St. Louis Community College said it is investigating a possible breach of student information. The school says an email attachment containing personally identifiable information for 362 students was sent to a small number of other students. The attachment has names, email, ID numbers and home addresses of the 362 students. The school says…
Regulatory Gap: Cybersecurity at K-12 Schools
Nicole Della Ragione and Leora F. Ardizzone report: While data breaches at Equifax, Yahoo, Anthem and Target have made the national news, data breaches at school districts are not as widely publicized. Schools are a treasure trove of children’s personally identifiable information (PII) (e.g., name, address, Social Security number) and protected health information (PHI), as…
Amazon Releases New Guidance on AWS and FERPA
Dian Schaffhauser reports: More than two years after issuing guidance on FERPA compliance and Amazon Web Services, Amazon has updated the whitepaper to lay out the company’s “shared responsibility model” and provide specific guidance on 24 different AWS services. The Family Educational Rights and Privacy Act, in general, calls for schools and agencies to “reasonably…
Former University of North Georgia employee accessed protected student data in Banner
Viktoria Capek-Grey reports: On Monday, Feb. 26, the University of North Georgia’s Office of University Relations emailed all students regarding improper access of Banner information in January. The email cautioned students that a former student employee inappropriately accessed information protected by FERPA (Family Educational Rights and Privacy Act), though it said there is no evidence…