High-volume, high-quality and diverse datasets are crucial for advancing research in the education field. However, such datasets often contain sensitive information that poses significant privacy challenges. Traditional anonymisation techniques fail to meet the privacy standards required by regulations like GDPR, prompting the need for more robust…

The purpose of this document is to provide timely and useful best practice information to help education agencies proactively prepare for, appropriately mitigate, and responsibly recover from a cybersecurity incident. This resource reflects lessons learned by the education community and provides recommendations that will help agencies protect…

Data breach prevention is a battle, rarely plain and never simple. For higher education institutions, the Sisyphean aspects of the task are more complex than for industry and business. Two-year colleges have payrolls and vendor contracts like those enterprises. They also have public record and student confidentiality requirements. Colleges must…

Under security breach response laws, businesses--and sometimes state and governmental agencies--are required to inform individuals when the security, confidentiality or integrity of their personal information has been compromised. This resource provides a state-by-state analysis of security breach response laws. [The Data Quality Campaign has…

Despite intensive security measures, institutions are still suffering breaches--sometimes quite painful and costly ones. After a major breach was reported at UCLA this past November, the author spoke with "Educause" security expert Rodney Petersen, to get his perspective and advice for higher education leadership. This article presents…

Examines recent findings that could influence the use of e-mail on university campuses. National privacy legislation and the inviolability of student records are discussed. It is concluded that more effective safeguards are necessary, and that the current steps are inadequate for the protection of students' rights. (Author/LRW)

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 (PL. 104-191) is a multitiered, comprehensive, convoluted, and controversial federal law for sweeping health care reform. Although HIPAA is dramatically broader in scope than privacy protections for health care information, a provision for privacy in the form of a Privacy Rule…

Describes how many college officials are confused by the USA Patriot Act, a new anti-terrorism law that may affect campus networks and library records; they believe its provisions could raise privacy and academic freedom issues. (EV)

As more people become computer literate, issues of privacy become more pertinent. Major privacy issues at the individual, national, and international levels are identified in the first part of the paper. These issues provide the basis for the second part of the paper, which is a report of a survey in which subjects were asked to indicate whether…

Many of the information security appliances, devices, and techniques currently in use are designed to keep unwanted users and Internet traffic away from important information assets by denying unauthorized access to servers, databases, networks, storage media, and other underlying technology resources. These approaches employ firewalls, intrusion…

No university seems immune to cyber attacks. For many universities, such events have served as wake-up calls to develop a comprehensive information security and privacy strategy. This is no simple task, however. It involves balancing a culture of openness with a need for security and privacy. Security and privacy are not the same, and the…

For years computer viruses have threatened productive use of personal computers, challenging users and support providers to prevent and recover from viral attacks. Now another type of computing malady has begun to enter popular consciousness: spyware. Typically, analyses of spyware focus on technical issues or provide pointers to resources for…