Navigating labyrinth of data-privacy laws

It is nearly impossible for an educational institution to stay current with data privacy

A day doesn’t go by when headlines in newspapers and alerts on the Internet proclaim another outrageous data breach. We receive e-mail notifications from retailers telling us that our data has been exposed and that we need to take certain measures to protect ourselves from identity theft. Privacy laws in the United States are changing rapidly. The federal government and state legislatures have placed the privacy of consumers’ personal data high on their radar screens. More

To continue reading this article, please do one of the following.



ADVICE

Navigating labyrinth of data-privacy laws

It is nearly impossible for an educational institution to stay current with data privacy

Posted 3/12/12

A day doesn’t go by when headlines in newspapers and alerts on the Internet proclaim another outrageous data breach. We receive e-mail notifications from retailers telling us that our data has been exposed and that we need to take certain measures to protect ourselves from identity theft. Privacy laws in the United States are changing rapidly. The federal government and state legislatures have placed the privacy of consumers’ personal data high on their radar screens.

Last year, more than 35 bills were introduced into the U.S. House and thirty-three separate and unrelated bills were introduced in the Senate related to data privacy. The bottom line is that the protection of personal data and the enhanced regulation of privacy and security standards of businesses, including educational institutions, should be a high priority.

Why the concern? Take a look at the Privacy Rights Clearinghouse website www.privacyrights.org. It is scary.

It contains a daily tally of the number of records that have been breached. Educational institutions have had their fair share of breaches. Some of the breaches listed on the website include a breach on Jan. 12 at Arizona State University where an encrypted file containing user names and passwords of 300,000 individuals was downloaded by an unauthorized person. It caused the university’s online services to shut down and all users were required to enter new passwords.

On Nov. 29, 2011 the dining-services registers at the University of California were compromised by a cyber hacker who stole and fraudulently used 5,000 students’ credit and debit cards, including access to their PINs.

What are the obligations of the institution to notify when a breach has occurred? It depends on the type of data involved. Thirty-six states have enacted different breach-notification laws that generally require notification to an individual if there is a reasonable belief that the breached information can be used for the perpetration of identity theft or another harm against the individual.

Next Page
Calendar
PBN Hosted
Events

Please join PBN on September 10th for the 3rd Annual Fastest Growing & Innovative Companies program at Rosecliff Mansion in Newport. Seating is limited so be sure to register early.
Advertisement
Purchase Data
Book of Lists
Lists
Book of Lists cover
PBN's annual Book of Lists has been an essential resource for the local business community for almost 30 years. The Book of Lists features a wealth of company rankings from a variety of fields and industries, including banking, health care, real estate, law, hospitality, education, not-for-profits, technology and many more.
Data icons
Data can be purchased as single lists, in either Excel or PDF format; the entire database of the published book, in Excel format; or a printed copy of the Book of Lists.
  • Purchase an e-File of a single list
  •  
  • Purchase an e-File of the entire Book of Lists database
  •  
  • Purchase a printed copy of the Book of Lists
  •  
    National
    Local
    Latest News
    Advertisement