KBS Reference Desk: Cybersecurity Breach

Q:        The district received notification from a vendor of a potential cybersecurity breach involving confidential student information. Do we have a policy addressing next steps?

 A:        Yes, look to policy CQ (LEGAL) and (LOCAL) for your district’s internal response procedures, as well as any provisions set forth in the data protection agreement with the vendor.

 Note that your obligations concerning response to cybersecurity breaches will change, however, starting September 1, 2019 in light of the legislature’s recent passage of Senate Bill 820 (“SB 820”). SB 820 adds Section 11.175 to the Texas Education Code, which will require districts to: (1) adopt a cybersecurity policy; (2) designate a cybersecurity coordinator; and (3) report cybersecurity incidents to the Texas Education Agency (“TEA”) and to parents of impacted students beginning with the upcoming school year.

SB 820 tasks the superintendent with responsibility for appointing a cybersecurity coordinator to serve as the liaison between the district and TEA and to fulfill certain reporting obligations. In particular, SB 820 requires the cybersecurity coordinator to report to TEA “any cyber attack or other cybersecurity incident against the district cyber infrastructure that constitutes a breach of system security as soon as practicable after the discovery of the attack or incident.” Tex. Educ. Code § 11.175(e). Additionally, for any incident requiring a report to TEA, the coordinator must also “provide notice to a parent of or person standing in parental relation to a student enrolled in the district of an attack or incident…involving the student’s information.” Tex. Educ. Code § 11.175(f).

Be on the lookout for upcoming TASB policy updates and seek assistance from your school district’s attorney regarding required TEA and parent notification should a cybersecurity breach occur compromising personal information.  

Related Posts

Recent Articles

KBS Reference Desk: TOMA Social Gatherings Conventions
June 17, 2022
KBS Reference Desk: Volunteers Under Guardian Plan
June 10, 2022
KBS Reference Desk: DOI and Certification
June 3, 2022
KBS Reference Desk: FML Leave Over the Summer
May 27, 2022
KBS Reference Desk: Decrease in Compensation
May 20, 2022
KBS Reference Desk: Participation in Graduation Ceremonies
May 13, 2022
KBS Reference Desk: Temporary Custodians of Record – TPIA
May 6, 2022
KBS Reference Desk: Driving Students to Polls
April 29, 2022
KBS Reference Desk: Authority to Create New Position
April 22, 2022
KBS Reference Desk: Booster Club Raffle
April 15, 2022
KBS Reference Desk: Returning a Teacher to Probationary Status
April 8, 2022
KBS Reference Desk: Termination of Probationary Contract While On Leave
April 1, 2022
KBS Reference Desk: Long COVID and Special Education Referrals
March 25, 2022
KBS Reference Desk: Pay During Weather Closure
March 18, 2022
KBS Reference Desk: Nepotism
March 11, 2022
KBS Reference Desk: New SBOE Rules on Contract Abandonment
March 4, 2022
KBS Reference Desk: Web Accessibility
February 25, 2022
KBS Reference Desk: Political Advocacy Prohibitions
February 18, 2022
KBS Reference Desk: Pay During Weather Closure
February 11, 2022
KBS Reference Desk: House Bill 2581 Procurement Updates
February 4, 2022
KBS Reference Desk: CDL Waivers for Bus Drivers
January 28, 2022
KBS Reference Desk: Interstate Travel Liability and Travel Forms Best Practices
January 21, 2022
KBS Reference Desk: Updated Stay at Home Periods
January 14, 2022
KBS Reference Desk: On Call Employees Over Holidays
December 17, 2021
KBS Reference Desk: Holiday Decorations
December 10, 2021