The Dekalb County School District (DCSD) is aware of circumstances where isolated files with personally identifiable information were made available to staff and students. An internal investigation determined that improper handling of files by employees caused these conditions. DCSD promptly ordered an initial audit of the district’s infrastructure, and the conclusion was this incident was not caused by an external breach of information systems or databases.
In addition, the District has contracted with a 3rd party vendor to comprehensively evaluate the situation in order for all parties involved to better understand the extent of the improper file handling. Once that process concludes, and DCSD administrators have had a chance to evaluate the findings, all parties will convene and determine the next steps based on industry standards and best practices associated with data governance, user training, awareness, and secure security file storage and sharing. If it is determined that stakeholders had- or may have had- their information accessed by unauthorized individuals- DCSD will promptly notify those individuals as required by law.