Is Your Staff Trained To Comply With New York State Education Law Section 2-d?
Has your staff been properly trained to maintain New York State Education Law Section 2-d compliance in their daily work at your organization? Regardless of the technology and controls you have in place, one unaware employee can put it all at risk.
No one said Education Law compliance was easy.
New York State Education Law Section 2-d (more commonly known as Ed Law 2d) demands a higher level of security and data governance that organizations like yours have to follow. Compliance is complex, and there is a critical element of assessment and planning that needs to go into your compliance strategy.
In particular, you need to make sure your staff understands their role in your organization’s overall compliance efforts.
What Role Do Staff Members Play In Ed Law 2d Compliance?
First enacted in 2014, Ed Law 2d was developed to protect the personally identifiable information (PII) of students and education professionals. The intention was to better protect this data as it was collected, accessed and stored in centralized school board databases, which were becoming targets for more and more sophisticated cyber attacks.
In 2019, new additions to Ed Law 2d were proposed, including the adoption of the National Institute for Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 (CSF or Framework). Furthermore, school districts will be required to appoint at least one “protection officer”, similar to roles in education law compliance.
It’s important to recognize that Ed Law 2d isn’t limited to your technology management and processes. In the section, “Training for Educational Agency Employees”, it states:
“Educational agencies will be mandated to provide annual information privacy and security awareness training to their officers and employees who have access to PII. The training may be provided using online training tools, and may be included in other training already offered.”
Are you sure you’re compliant with Ed Law 2d? More importantly, are you sure your staff is upholding your compliance?
Is Your Staff Contributing To Your Ed Law 2d Compliance?
It doesn’t matter which types of technical safeguards you have in place if your staff doesn’t know their role in compliance.
You would be surprised how often staff members mishandle data, leaving a sensitive file in hard copy in a waiting area or open on a visible workstation screen. The fact is that your staff interacts with data more than any of your vendors or other business contacts.
Are you sure your staff knows how to maintain education law compliance?
How To Train Your Staff To Comply With Ed Law 2d
The fact is that the best cybersecurity technology and organizations in the world can be undone by one staff member who doesn’t understand how to use them, or how to protect the data they work with.
A comprehensive compliance and cybersecurity training program (offered by NST, for example) will teach your staff how to handle a range of potential situations:
- How to participate in compliance best practices.
- How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
- How to use business technology without exposing data and other assets to external threats by accident.
- How to respond when you suspect that your organization is noncompliant.
Now you know where to begin — do you need help getting your education law compliance off the ground? Try NST.
NST Will Help You Train Your Staff In Ed Law 2d Compliance
The good news is that you don’t have to handle compliance training for your team by yourself — NST is here to help. We provide robust compliance training services for our managed services clients in the education sector.
With our help, your staff will contribute to your compliance, not compromise it. Get in touch with our team to get started.