Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity

Published byLinda Gilmore Modified over 6 years ago

Similar presentations

Presentation on theme: "Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity"— Presentation transcript:

1 Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity
Update to the State Board of Education March 1, 2017 Script: Introduce yourself, quickly move to next slide.

2 NJDOE’s Approach to Cybersecurity
The New Jersey Department of Education (NJDOE) is required by law to collect and store student and educator records. The NJDOE takes seriously its obligation to secure information systems and protect the privacy of all data that is collected, used, shared and stored by the NJDOE. Data Security: Implementation of safeguards to ensure data is protected from unauthorized access, use, intrusion or modification. Ex: Firewalls, Encryption, Back Ups Data Privacy: Appropriate use and access of data by individuals or groups to ensure behaviors are followed to protect data. Ex: Authorized access controls, view/share/edit privileges Security + Privacy = Strong Cybersecurity

3 NJDOE’s Strong Data Security and Privacy Structure
Through statutory and regulatory provisions, as well as State agency partnerships, the NJDOE layers safeguards to protect data. State Regulation in N.J.A.C 6A:32-7 (LEA) NJDOE Security and Privacy Policy 6A: General considerations 6A: School contact directory for official use 6A: Mandated student records 6A: Maintenance and security of student records 6A: Access to student records 6A: Conditions for access to student records 6A: Rights of appeal for parents and adult students 6A: Retention and disposal of student records Provides accountability framework for: Internal use/access of data External use, disclosure, and destruction of data Incident response protocols Data governance program Staff Training Adhering to federal laws (FERPA, etc) State Agency Partnership of Shared Security The New Jersey Department of Education (NJDOE) Network Services team provides security with support from the New Jersey Office of Information Technology (NJOIT) and the New Jersey Department of Homeland Security and Preparedness (NJOHSP) to provide the necessary safeguards to protect education information and data from intrusion, modification, disruption and/or destruction. In partnership we provide information, analysis, and incident reporting internally and among the security agencies. NJOHSP NJOIT NJDOE

4 Data Management Committee Data Stewards
NJDOE’s Data Governance Program The NJDOE’s Data Governance Program provides an organizational approach to data and information management through a system of decision rights, accountabilities, and processes that help ensure the appropriate access, awareness, and accuracy of our data. Data Council Data Management Committee Data Stewards Approve governance & data policies Assign resources to support governance program Hold all staff accountable for adhering to policy Resolve issues escalated by the Data Management Committee Approve data elements  Prioritize, resolve & escalate data issues as needed Establish agency-wide standards, processes & procedures for data collection, reporting & release Assign Data Stewards Service data needs of their program area/office Identify critical data issues & possible resolutions from their program area/office Propose standards, process & procedural improvements Ensure data quality & appropriate use

5 Resources for the Education Community
The NJDOE’s policies align with federal law and best practices to ensure the privacy of our student data Family Educational Rights and Privacy Act (FERPA): Overview, FAQ, and Complaint Filing - FERPA Children’s Online Privacy Protection Rule (COPPA): Rule, Federal Register, and Related Documents - COPPA Protection of Pupil Rights Amendment (PPRA): Overview and Further Resources - PPRA Privacy Technical Assistance Center (PTAC): Resources for Education Stakeholders to Learn About Data Security and Privacy - PTAC

6 Questions?

Download ppt "Data Security and Privacy Overview: NJDOE’s Approach to Cybersecurity"

Similar presentations

How Will it Help Me Do My Job?

How Will it Help Me Do My Job?
1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.

1. As a Florida KidCare community partner families entrust you to not only help them navigate the Florida KidCare system but to keep the information they.
Data Quality And Stewardship. PROVIDED BY THE IDAHO STATE DEPARTMENT OF EDUCATION.

Data Quality And Stewardship. PROVIDED BY THE IDAHO STATE DEPARTMENT OF EDUCATION.
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.

HIPAA Security Regulations Jean C. Hemphill Ballard Spahr Andrews & Ingersoll, LLP November 30, 2004.
NCES Forum Tech Committee July 2010 Presented by: Kathy Gosa Kansas State Department of Education.

NCES Forum Tech Committee July 2010 Presented by: Kathy Gosa Kansas State Department of Education.
SIU School of Medicine Identity Protection Act and Associated SIU Policy.

SIU School of Medicine Identity Protection Act and Associated SIU Policy.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
IS 700.a NIMS An Introduction. The NIMS Mandate HSPD-5 requires all Federal departments and agencies to: Adopt and use NIMS in incident management programs.

IS 700.a NIMS An Introduction. The NIMS Mandate HSPD-5 requires all Federal departments and agencies to: Adopt and use NIMS in incident management programs.
Information Security Policies and Standards

Information Security Policies and Standards
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.

Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.
CUI Statistical: Collaborative Efforts of Federal Statistical Agencies Eve Powell-Griner National Center for Health Statistics.

CUI Statistical: Collaborative Efforts of Federal Statistical Agencies Eve Powell-Griner National Center for Health Statistics.
Agenda 1. Definition and Purpose of Data Governance

Agenda 1. Definition and Purpose of Data Governance
Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.
Electronic Records Management: What Management Needs to Know May 2009.

Electronic Records Management: What Management Needs to Know May 2009.
Early Childhood Data Governance: Overview and Implementation

Early Childhood Data Governance: Overview and Implementation
U.S. Department of Education Privacy Initiatives Kathleen M. Styles Chief Privacy Officer U.S. Department of Education April 18, 2011.

U.S. Department of Education Privacy Initiatives Kathleen M. Styles Chief Privacy Officer U.S. Department of Education April 18, 2011.
Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey 07458 All rights reserved. Health Information Technology and Management Richard.

Copyright ©2011 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved. Health Information Technology and Management Richard.

Similar presentations

Ads by Google