Coming Soon! RIC One GST Data Privacy & Security Awareness Training
We are pleased to announce that GST RIC has developed online Data Privacy and Security Awareness Training designed specifically to meet the Annual Employee Training Education Law 2-d Part 121 requirement. The course consists of three modules:
Meet Linnette Attai, President and Founder of PlayWell, LLC
•
Understanding Laws, Regulations,
When we have questions around Student Data Privacy we know exactly who to call: Linnette Attai, President and Founder of PlayWell, LLC. Linnette has been guiding organizations on data privacy governance and user safety for over 25 years and speaks nationally on data privacy matters. You may have been fortunate enough to sit in on one of her sessions at ISTE or at the annual Future of Education Technology Conference. Her sessions are always informative and never disappoint.
Linnette is also a TEDx speaker and the author of the books, “Student Data Privacy: Building a School Compliance Program,” “Protecting Student Data Privacy: Classroom Fundamentals,” and the forthcoming, “Student Data Privacy: Managing Vendor Relationships” (Summer 2020), published by Rowman & Littlefield. Even with all of these accomplishments and commitments, Linnette has always been accessible and available to support the RIC One Data Privacy and Security Initiative. When asked to provide a DPS Digital Debrief or to participate in a virtual book chat, Linnette has always agreed without hesitation. Because Linnette is always ready and willing to share her data privacy expertise, Nassau BOCES/ RIC and Eastern Suffolk BOCES/RIC were able to establish a virtual book chat on Linnette’s first book “Student Data Privacy: Building a School Compliance Program.” We believe this book is a must-read for district administrators responsible for data privacy and governance. In addition, Linnette’s interview for the DPS Digital Debrief provided steps for school districts to manage and protect their student data. Note: This recording can be accessed by DPS subscribers at riconedpss.org. Visit PlayWell, LLC to learn more about Linnette and her global compliance consulting firm.
Policies, and Procedures
•
Understanding, Recognizing, and Avoiding Threats
left off, what modules have been completed, and a progress bar shows users where they are in terms of completing the course. DPS districts will be notified when the training is available and will need to contact their local RIC to access this new online training resource.
• Developing Good Habits and Best Practices
The full online course provides 75-90 minutes of information security content that can be completed in multiple sittings. The course tracks where the user
Comptroller’s Corner
The Office of the Comptroller conducted four district Information Technology audits since January 2020. The results demonstrate a clear need for districts to address sensitive IT controls and to provide cybersecurity training for staff.
social media on district computers. • Three districts did not provide IT security awareness training to employees and officials. • One district did not restrict user permissions to the network and the student information system software application (SIS) based on job duties. • Three districts did not disable inactive user accounts and did not adequately restrict user permissions based on job duties. • One district did not appoint a Chief Information Officer responsible for all IT matters. • Two districts did not adopt a disaster recovery plan. • One district did not establish written procedures for password management, wireless security, remote access and managing user access rights.
Out of the three districts audited:
• Two districts did not limit or monitor employees’ personal Internet browsing and their use of
Data Privacy & Security Service, Issue 18
Page 1
Data Privacy & Security Service, Issue 18
Page 2
Made with FlippingBook - professional solution for displaying marketing and sales documents online