Data Privacy & Security Service
Data Privacy & Security Service Digital Digest Fall 2016
In This Issue
THE GROWING THREAT TO DATA
Page 1: School district computer systems attacked by ransomware
Is your school district prepared for a ransomware attack?
New York State Comptroller Gives More Attention to SIS Page 2: Click-through Agreements and your Data
The Rhinebeck school district experienced a ransomware attack at the end of the school year. Ransomware is a malicious software designed to block access to a com- puter system until a sum of money is paid. This type of attack can affect any school district or organization. This ransomware attack did not result in the loss of any data or files, but it took the district nine hours to trace the problem and restore the system using off-site back- up files. These types of attacks can get into the system as easily as someone opening up an email.
Pokémon Go and Your District
Page 3: How to Protect Your Data
Questions to think about:
Where is your district data?
View Full Article and Further Information See Data Breach Response Checklist to help your district be prepared. Homeland Security Recommendations on Mitigating Threats
Who is responsible for data in your district? Do those responsible for data know what to do and what not to do? About This Issue In this issue, you will find articles and other information about protecting your data and how to make sure your dis- trict’s data stays secure. The infor- mation contained in this article is rele- vant both on a district-wide level, as well as on a per-user basis. As users download apps and sign up for web- sites, an increased awareness of the implications and exposure of student data becomes necessary.
NEW YORK STATE COMPTROLLER GIVES MORE ATTENTION TO SIS
The NYS Comptroller’s Office significantly increased the depth and breadth of ques- tions they ask about district data privacy and security. In the past, the Comptroller was primarily interested in districts’ financial data and systems. District audits in the 2015-16 school year saw a dramatic increase in the attention paid to Student
Information Systems (SISs) by the NYS Comptrol- ler. Between November 2015 and May 2016 the number of audit questions about a district’s SIS grew from two pages to nine. RICs recommend that districts anticipate the need to respond to these questions.
SED Appoints Temitope Akinyemi as Chief Privacy Officer (CPO). The CPO will develop, implement and oversee the Department’s poli- cies and procedures to ensure the privacy and confidentiality of stu- dent, teacher and principal data.
Click here to view the Comptroller’s Questions.
Made with FlippingBook