IT Infrastructure & Management

Confidential Records Mistakenly Posted on the Internet

By Andrew Trotter — October 08, 2003 2 min read
  • Save to favorites
  • Print

The Vancouver, Wash., school district has expedited a security audit of its Web site and hired a computer programmer to conduct periodic security checks, after confidential records for 6,916 students were accidentally placed on the district’s public Internet site recently.

The records, for all students in grades 5-8, included each student’s name, school identification number, birth date, ethnicity, school, teacher, grade point average, participation in programs such as special education, and test scores for several years.

District officials admitted that the posting was an accidental violation of federal law.

The information apparently was first discovered by a local newspaper reporter, who was researching the bounty of data on the district’s Web site. He called the district to ask whether something was amiss.

The district shut down the Web site until all the confidential student information could be removed—one day after it was made accessible to the public.

Officials had to read all about their mistake in the newspaper, The Columbian, but they believe no other members of the public downloaded the information.

The data were in a spreadsheet created to help schools plan students’ transitions between school levels, said Linda Turner, the director of information and technology services for the 21,000- student district. She said student information is supposed to be posted in a section of the Web site that requires authorized users, including parents, to type in a password.

But in this case, an official in the district’s assessment department mistakenly posted the spreadsheet on a Web page that was intended to publicize students’ overall performance on state tests, Ms. Turner said.

Because the mistake was “honest” and no apparent harm was done, the employee will not be disciplined, she said.

Caution on Software

The Family Educational Rights and Privacy Act, known as FERPA, requires schools to have written consent from parents to release personal student information.

Alice Hendricks, a Bethesda, Md.-based consultant on Web systems for government agencies and businesses, said a security audit can identify the procedural flaws that lead to the kind of mistake that happened in Vancouver.

Ms. Hendricks said Web site “authoring” software used by many organizations eases the process of adding information to sites, but can trip up inexperienced employees.

She said authoring software designed for businesses or for government agencies such as school districts should be set to give varying levels of access to different employees, and to require approval before information “goes live,” or becomes accessible to Internet users.

“The only way to prevent mistakes like that is [through review by] a human being,” Ms. Hendricks said.

Related Tags:

Events

Student Achievement Webinar What Effective Tutoring Should Look Like—and Achieve
Join this webinar to learn how to sustain effective tutoring programs that help improve students' performance in reading and math.
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Mathematics Webinar
Engaging Every Learner: Strategies to Boost Math Motivation
Math Motivation Boost! Research & real tips to engage learners.
Content provided by Prodigy Education
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Sponsor
Student Well-Being Webinar
The Ripple Effect: Mental Health & Student Outcomes
Learn how student mental health impacts outcomes—and how to use that data to support your school’s IEP funding strategy.
Content provided by Huddle Up

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

IT Infrastructure & Management Federal Ed-Tech Dollars Are Running Out. What Happens Next?
Many state officials aren't confident in continued investment in education technology initiatives financed by pandemic relief money.
2 min read
Illustration of a large dollar sign dissolving into a pixelated and bitmapped pattern on a dark red background.
DigitalVision Vectors
IT Infrastructure & Management Cybersecurity Demands Are Growing. Funding Isn't Keeping Pace
State education leaders worry funding for cybersecurity isn’t enough to cope with the worsening problem of attacks on schools.
2 min read
Dollar Sign Made of Circuit Board on Motherboard and CPU.
iStock/Getty
IT Infrastructure & Management Sizing Up the Risks of Schools' Reliance on the 'Internet of Things'
Technology is now critical to both the learning and business operations of schools.
1 min read
Vector image of an open laptop with octopus tentacles reaching out of the monitor around a triangle icon with an exclamation point in the middle of it.
DigitalVision Vectors