School Data Security Incidents Increase After GDPR Implementation

School Data Security Incidents Increase After GDPR Implementation

The number of data security incidents reported by the education sector in the U.K. increased by more than 43 percent after the implementation of the General Data Protection Regulation (GDPR), reports Schools Week.

The number of data security incidents reported by the education sector in the U.K. increased by more than 43 percent after the implementation of the General Data Protection Regulation (GDPR), reports Schools Week.

According to the Information Commissioner’s Office (ICO), there was an increase in reports of incidents of disclosure issues—which involve the accidental sharing of sensitive data—and cyber-attacks between July and September 2018. Overall, the number of data reported security incidents in the education sector increased by 355 in the second quarter of 2017-2018 to 511 in the same period this year.

This is the first data to be released since the implementation of the GDPR this May. GDPR require schools to be more transparent about the data they have about their students, and respond more quickly to requests for copies of that data. Schools must also have a data protection officer in place.

Common disclosure issues include the loss or theft of data or paperwork, information sent to the wrong person via email and accidental verbal disclosure.

The increase in disclosure reports is likely caused by GDPR and work by the ICO to raise awareness, said Mark Orchison, a consultant whose firm 9ine works with schools on data protection.

“Schools are now actually aware of what data breaches are and are reporting these to demonstrate compliance with the law,” Orchison said.

Orchison is concerned about an increase in cyber-attacks on schools, saying that schools “don’t have the internal expertise” on cybersecurity and “haven’t got the skills to understand the risks or what to do when it happens.”

“Schools are seen as an easy target,” he said. “Sending false invoices, for example, is easy money.”

The U.K. government recently published new draft guidance for schools about security, including cybersecurity. The draft guidance advises schools to create firewalls and internet gateways to “prevent unauthorized access to or from private networks.” Schools are also advised to use secure configuration, access level controls and malware and virus controls.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • How Composable Security Technologies Fortify Campus Safety

    Campus security teams have faced myriad risks threatening the safety and well-being of students and faculty this semester. Leaders have made tough tradeoffs about where to focus and how to channel limited resources to best protect their communities — but they now have a much-needed lift to their toolkit. Read Now

  • How Emerging Technologies are Transforming the School Security Landscape

    Students can't focus on learning when they're worried about their safety. As education systems nationwide face evolving security challenges with limited resources, a new generation of integrated technology solutions is helping schools create safer environments while maximizing staff efficiency. Read Now

  • How to Harness ALPR for Greater Security Efficiency and Collaboration

    Within higher education campus environments, the demand for greater security, efficiency, and resources is ever-present. Many higher education teams are adopting advanced technologies to secure their campus, streamline operations, and continue to best serve their students and faculty. Automatic license plate recognition (ALPR) technology stands out for its ability to meet a wide range of campus objectives. Read Now

  • Using Emerging Technologies to Address Healthcare Staffing, Workplace Violence Issues

    The healthcare industry consistently adopts new technology to address challenges across all of its sectors. Many of the emerging technologies that are available today are being applied to optimize workflow. To enhance their operational efficiency, hospitals and other healthcare providers typically embrace emergent technologies to streamline tasks in patient care, administration, and, of course, security. Read Now