Security & Privacy | News

School Districts Stumble on Data Privacy

Three school districts are grappling with the loss of private information on a broad scale, each through a unique set of circumstances.

One Virginia district learned that personal information about students at one of its middle schools was lost when a bag containing a thumb drive was stolen. Another discovered that it had sold as surplus several computers containing the names and Social Security numbers of employees. And a district in Massachusetts uncovered exposure of employee personal data on a public Web site for a short period.

In the case of Prince William County Public Schools in Manassas, VA, parents of students at Lake Ridge Middle School received a letter from its principal in May 2010 regarding the theft of confidential school division data. The data was maintained on a thumb drive taken off school property for the sake of emergency backup and was in a bag taken during a burglary off campus. The data included a student identification number, student name, parent/guardian name and phone numbers, and student bus number or walker status. According to the letter, additional "identifiable data" may also have been recorded.

According to the school district's Web site, Lake Ridge has about 1,180 students.

To answer parents' questions, the school held an informational meeting and provided contact information for its two assistant principals.

Roanoke City Public Schools in Roanoke, VA allowed personal information--including Social Security numbers--on about 2,000 employees to get out of its control during the sale of surplus computers. The sale of eight computers included hard drives containing names, school locations, and Social Security numbers of the division's employees as of November 2006. The district indicated it has since recovered the drives.

Quincy Public Schools in Massachusetts learned that it had posted private information about some employees, including names, home addresses, work locations, and Social Security numbers on a public Web site. The data was contained in a PowerPoint slideshow documenting proposed budget cuts, according to coverage in local newspaper, The Patriot Ledger.

In none of the cases does it appear that the school district has provided credit checking services for those potentially affected by the data breaches.

About the Author

Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at dian@dischaffhauser.com.

Comments

Add your Comment

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

White Papers:

  • Kid Tested and School Approved PDF Screenshot

    Can you trust a 10-year-old with a sophisticated laptop – or a 16-year-old for that matter? How can you protect your computer equipment from dings and other damage liable to happen in a K-12 school environment, where students are still learning responsibility? Lenovo through GovConnection can help. Download this whitepaper to learn more. Read more...