By Audience: Postsecondary School Officials

This Malicious Software Data Breach Scenario is an interactive exercise designed to provide participants with the opportunity to experience firsthand the process and pitfalls of responding to a data breach at the organizational level. Over the course of one to two hours, participants explore the scenario of a malicious ransomware incident affecting student information as well as other personally identifiable information (PII) from their organization.

The package includes three parts: Facilitator’s Guide, Presentation, and Exercise Handouts. Please find the additional parts below.

This Malicious Software Data Breach Scenario is an interactive exercise designed to provide participants with the opportunity to experience firsthand the process and pitfalls of responding to a data breach at the organizational level. Over the course of one to two hours, participants explore the scenario of a malicious ransomware incident affecting student information as well as other personally identifiable information (PII) from their organization.

The package includes three parts: Facilitator’s Guide, Presentation, and Exercise Handouts. Please find the additional parts below.

This Malicious Software Data Breach Scenario is an interactive exercise designed to provide participants with the opportunity to experience firsthand the process and pitfalls of responding to a data breach at the organizational level. Over the course of one to two hours, participants explore the scenario of a malicious ransomware incident affecting student information as well as other personally identifiable information (PII) from their organization.

The package includes three parts: Facilitator’s Guide, Presentation, and Exercise Handouts. Please find the additional parts below.

The Data Breach Scenario Trainings are a series of packaged trainings developed by the Privacy Technical Assistance Center, designed to help educational organizations at all levels conduct internal staff development on data breaches. Each scenario has been developed into a training package, providing ready-to-use resources for the scenario leader(s) and participants.

Letter on the applicability of the Family Educational Rights and Privacy Act (FERPA) to the disclosure by IHEs or postsecondary institutions of certain personally identifiable information (PII) from student education records to representatives of the U.S. Census Bureau (Bureau) in connection with the 2020 Census.

The U.S. Department of Education and the Office for Civil Rights at the U.S. Department of Health and Human Services released updated joint guidance addressing the application of the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule to records maintained on students.