Back

BREACH RESPONSE PLAN

Definition of a Data Breach

A data breach includes unauthorized access, cyberattacks, data theft, lost or stolen devices containing PII, or exposure of confidential information.

Immediate Response Procedures

  • Contain the incident
  • Notify School leadership and Technology Director
  • Disable compromised accounts
  • Assess scope and impact
  • Document the incident

Notification Requirements

Parents, staff, and state authorities will be notified as required by law, including clear guidance on protective steps.

Cybersecurity Incident Response Team (CIRT)

The CIRT coordinates breach response and includes School leadership, technology staff, finance leadership (if applicable), and legal counsel when necessary.

Post-Incident Review

The School will review root causes, update safeguards, retrain staff, and revise policies as needed.

Download: BREACH RESPONSE PLAN