Independent schools are increasingly relying on technology and electronic data to manage every aspect of school operations, including many that involve protected information. Activities that involve protected or sensitive data include; making admission and financial aid decisions, guiding college searches, managing payroll, and reaching alumni. Independent school leaders must act to protect the school’s resources and information. The risks of reputational harm and financial losses following a cybersecurity breach have been made clear in recent years.

Further, independent school leaders must monitor developments in state laws requiring that school-collected data be safeguarded. The primary obligation for protecting data is assigned to the school, not to the company or organization the school selects for storing or managing data (e.g. a software company, data backup service, offsite storage, etc.).

ATLIS is pleased to offer this guide to the community to help school leaders better tackle this complex situation. In addition, members may login to the document library to retrieve templates, response policies and more.