Steve Coulter provides a nice bird’s-eye view of data security at the k12 level in his coverage of a Ridgefield, Connecticut school board meeting:
Craig Tunks, the district’s director of technology, presented a student data security and privacy update to the Board of Education on May 27, which highlighted how the district uses data, how it’s reported and how it’s secured.
Do read his report about the meeting on Ridgefield Press. It provides more detail than we usually find in a media report about the number of vendors with access to data and the types of data, etc. It’s also nice to see some savvy board members who question whether more needs to be done or can be done. Consider this exchange, reported by Coulter:
In terms of worst case scenario, board member John Palermo said a hacker who breached PowerSchool could get access to everything — name, date of birth, address, and picture — and create “serious damage.”
“That’s not a possibility,” [board member] Ms. Sulzinsky said.
“It is a possibility,” Mr. Palermo retorted. “Anything is possible.”