A breach is any unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information that we maintain.
Unencrypted information containing: individuals’ names or initials, social security numbers, driver’s license number or other identification numbers, financial information (i.e., bank account number, credit or debit card number), medical information, health insurance information, and other personal identifiers.
In the event of a data breach, the goal is to provide notice to affected parties as soon as reasonably possible. From we are aware of the breach a notice will be communicated within 72 hours.
Recipients of the Notice
We will notify both the impacted users and any known schools to which those users belong via contact information on record.
Information in the Notice
Company contact information.
A general description of the breach incident.
An explanation, to the best of our knowledge, of what happened.
A listing of the types of personal information that is believed to be compromised.
If known, the date and time of the breach, or a best estimate.
Whether the notification was delayed as a result of law enforcement.
What steps the Company has taken to mitigate the situation, prevent it from happening again, and advice to the impacted individuals on how they can best protect themselves.
Method of notification
Notifications should be sent via email to all impacted users.