Sen. Flanagan, the chairman of the New York State Committee on Education issued a report and four pieces of legislation today regarding the recent changes to our schools. The first piece of legislation I read through was the Data Privacy Bill (S6007-2013).
On its face it seems to be a bill that could be quite helpful. It creates a Chief Privacy Officer appointed by the Commissioner of Education who will help; create a Parental Bill of Rights for Student’s Data, handle complaints, set penalties for violators and other related processes. The bill also sets forth the penalties for the unauthorized release of information.
The Bill lays out the penalties the Chief Privacy Officer can impose upon third-party vendors. If there is a data breach, the third party vendor, can be precluded from accessing data up to five years, can be denied the ability to enter into new contracts, or may just have to do some retraining with their staff. Most importantly, if the Chief Privacy Officer decides a data breach was inadvertent or done without intent or gross negligence the commissioner may decide that no penalty be imposed upon the third part vendor.
So in the end, the state is free to allow a third party vender who has a data breech to suffer NO PENALTY. That’s right. I’ll say it again. NO PENALTY.
This piece of legislation does not address the concerns of parents and educators across the state who don't want their children’s information shared with third parties. It does not address the fact that New York State is one of only two states using inBloom and the only state that uploading the data is mandatory. This is the bare minimum, created to show that “something is being done” when in reality is does nothing to protect student data.
No comments:
Post a Comment