Governor Beshear’s executive order creates huge education data center
But, who will insure all this data is secure, who will have access, etc?
I’m a big fan of research data, but I also recognize that massive amounts of personal information stored on government computers create all sorts of potential for really bad things like identity theft and governmental invasion of personal privacy. Certainly, the security issue gets particularly dicey when large amounts of data are consolidated and interconnected across state agencies with different data systems.
Thus, my concerns got raised a notch when the Lane Report and WFPL Radio reported that Kentucky Governor Steve Beshear just signed an executive order to consolidate ultimate access and control of all computer-stored education data covering everything from public preschools to public postgraduate schools in a new agency to be called the Kentucky Center for Education and Workforce Statistics.
WFPL and the Lane Report – even the title of the new agency – say the Kentucky Center for Education and Workforce Statistics will probably crosslink even more databases from other state agencies with health care information and employment data on adults already in the workforce.
For sure, this could be a rich treasure trove for legitimate research.
Unfortunately, there is also significant potential for serious unintended consequences, consequences that might impact both your children and YOU.
I’m still sorting through the implications of this new announcement, so stay tuned. In the meantime, you might want to look at a new report from the Kentucky Office of Education Accountability (OEA), which examines some data security issues with education databases maintained by the Kentucky Department of Education and by that agency’s contractors.
As you read this report, keep in mind that with data access now greatly expanding to include other agencies outside of the Kentucky Department of Education, the potential security issues identified in the report do not cover potential problems at those other agencies. However, overall data security will now probably be no better than the weakest link in the entire chain.
Also keep in mind the new OEA report says that at present Kentucky is one of only four states that have no security breach statute, so there are no consistent penalties for public workers who contribute to such a situation (individual agencies may have some sort of policy, but it apparently isn’t backed by law). That seems like an awfully big problem with so much data now coming under one, central control.