Bipartisan legislation requires schools to alert parents of any data breach involving student records
JEFFERSON CITY, Mo (March. 3, 2017) Missouri State Auditor Nicole Galloway today announced a bipartisan effort to increase safeguards for students whose information is compromised in a cybersecurity incident. Senate Bill 478 would require school districts to notify parents or guardians of a data breach involving student information.
“Under the current law, a parent might not learn that their child’s sensitive information has been compromised until it’s too late and their identity has been stolen. This legislation requires school districts to take the necessary and critical step of notifying parents so they can immediately begin addressing any potential damage that could result from sensitive information being released,” Auditor Galloway said.
“Cybersecurity is of the utmost importance, especially regarding our children. This bill is an effective solution to an oversight in our current law. If students’ confidential data is compromised, parents have a right to know and schools have a duty to inform them.” Sen. Ryan Silvey said.
“This is a simple, common sense bill that would remedy a glaring omission in the current law that could allow schools to sweep information about data breaches under the rug. As it currently stands someone might have their identity stolen as a child, but not find out until he or she turns 18 and begins applying for college financial aid or tries to get a credit card. This measure could prevent a series of unfortunate and unintended consequences that might occur as a result of a data security breach,” Sen. Jason Holsman said.
In 2016 Auditor Galloway completed her Cyber Aware School audits initiative, which was designed toincrease safeguards against unauthorized access to student records and information, including academic reports, health records or financial information. This was accomplished by analyzing school data protection practices, identifying areas of concern and making recommendations to improve the security of information in public schools across the state.
In addition, individuals who become aware of a school cybersecurity breach can notify the State Auditor’s Office by contacting the Whistleblower Hotline at 800-347-8597, by submitting concerns online at auditor.mo.gov/hotline or by emailing [email protected]. The Whistleblower Hotline serves as a resource for anyone who would like to provide information or submit concerns anonymously and without fear of retribution.
Senate Bill 478 was filed by Sen. Ryan Silvey and Sen. Jason Holsman on Monday, Feb. 27. If signed into law, it would go into effect Aug. 28, 2017.