(2) Privacy compliance standards.
(3) Privacy and security audits.
(4) Procedures to follow in the event of a breach of student
data.
(5) Data retention and disposition policies.
(c) The model plan and any updates shall be made available
to all school entities.
(d) The department shall designate a chief data security
officer, with any State money as made available, to assist a
school entity, upon request, with the development and
implementation of a student data security plan and to develop
best practice recommendations regarding the use, retention and
protection of student data.
(e) The department shall convene a working group to assist
with the development of initial instructions, procedures,
services, security assessments, best practices and security
measures required by this section for the development of a model
student data security plan. The working group shall include the
Secretary of Education, the chief information officer,
representatives from school entities across this Commonwealth
and other parties deemed necessary by the department.
(f) The working group shall compile a report on or before
December 1, 2025, on the cost of developing and implementing a
model student data security plan. The working group shall submit
the report to the chair and minority chair of the Appropriations
Committee of the Senate, the chair and minority chair of the
Appropriations Committee of the House of Representatives, the
chair and minority chair of the Education Committee of the
Senate and the chair and minority chair of the Education
Committee of the House of Representatives.
20240HB1987PN2522 - 2 -
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30