Duane Morris Home
Search Site | Languages | Site Map | Alumni | Careers | Contact Us | Watch Duane Morris Video Listen to Duane Morris Podcasts, Webcasts and Audio Connect with Duane Morris LLP on LinkedIn Follow Duane Morris LLP on Facebook Follow Duane Morris LLP on Twitter Subscribe to RSS feed
  • About Duane Morris  ∨
    • Annual Report
    • Firm Rankings and Statistics
    • Past and Present
    • Firm Accolades and Honors
    • Attorney Accolades and Honors
    • Diversity and Inclusion
    • Women's Initiative
    • Pro Bono
  • Practices and Industries  ∨
    • Expanded Service Area Listing
  • People
  • Offices
  • Annual Report
  • News, Pubs and Multimedia  ∨
    • Alerts and Updates
    • Bylined Articles
    • In the News
    • Press Releases
    • For the Press
    • Video
    • Podcasts
    • Blogs
  • Events
  • Affiliates

By-Lined Articles
Events
For the Press

Home > Publications > By-Lined Articles

SHARE: Email this page Print This

By-Lined Article

Educational Institutions Must Try To Protect Students' Personal Information

By Eric J. Sinrod
October 20, 2009
Findlaw.com

Not surprisingly, educational institutions possess all sorts of private data with respect to their students. However, a bit more surprising is how easy it is for the privacy of that data to be compromised.

For example, the Washington Post recently reported that personal information relating to in excess of 103,000 former adult education students in Virginia was misplaced. That information included Social Security numbers, as well as employment and demographic details.

How did that happen? It was fairly simple, actually. A Virginia Education Department employee reportedly passed on a two-gigabyte flash drive during a meeting for use as part of federally mandated research. Unfortunately, the flash drive was not encrypted and it went missing the day after the physical transfer. The lost flash drive reportedly contained private information for all students who completed an adult education course between April 2007 and June 2009 or who had passed a high school equivalency test from January 2001 to June 2009.

There is no question that educational institutions, whether private or governmental, have certain obligations to protect personal information entrusted to them by students. These institutions should consult with counsel and information technology specialists to develop practices to protect this information. And when private information is compromised, students should be advised how to implement measures to avoid identity theft.

In this unfortunate instance, private data was transferred in a manner that was not secure. This could have been easily avoided. And without proper procedures having been followed on the front-end, a great many former students have to deal with the potential of negative consequences flowing from this incident. Hopefully, the flash drive will not fall into the hands of anyone who would want to take advantage of the private information contained on the drive.

Biography

Eric Sinrod is a partner in the San Francisco office of Duane Morris. His focus includes information technology and intellectual property disputes. To receive his weekly columns, send an e-mail to with the word "Subscribe" in the subject line.

Disclaimer: This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.

Reprinted with permission of Findlaw.com

 

Duane Morris LLP & Affiliates. © 1998-2013 Duane Morris LLP. Duane Morris is registered service mark of Duane Morris LLP. Disclaimer | Privacy | Attorney Advertising
Other Languages: Chinese • Deutsch • Español • Français • Português