Cloud Computing and Education in the State of Kentucky

April 22, 2022 | 4 minutes read
Cloud Computing and Education in the State of Kentucky

Kentucky HB 232 is a student data privacy law that was enacted in 2014. As online access and communication continue to play an essential role in the manner in which many K-12 students around the country pursue their respective educational careers, HB 232 was passed for the purpose of regulating the personal information and data that students share with cloud computing service providers when attending school. With this being said, the law both provides a clear and concise definition of the terms cloud computing and cloud computing service providers, and also outlines the responsibilities that these service providers have as it concerns protecting the confidentiality of student data.

How is a cloud computing service defined under the law?

Under Kentucky HB 232, a cloud computing service is defined as “a service that provides, and that is marketed and designed to provide, an educational institution with account-based access to online computing resources.” Alternatively, the law defines a cloud computing service provider as “any person other than an educational institution that operates a cloud computing service.” To this point, the law defines an educational institution to mean “any public, private, or school administrative unit serving students in kindergarten to grade twelve”, while a person is defined as “an individual, partnership, corporation, association, company, or any other legal entity.”

What are the duties of cloud computing service providers?

The student data protection and privacy responsibilities that cloud computing services providers and other associated entities have under the provisions of Kentucky HB 232 include:

What data elements are protected under the law?

The data elements concerning K-12 students within the state of Kentucky that are legally protected from unauthorized access, use, and disclosure under HB 232 include but are not limited to:

Student data privacy and redaction

When looking to comply with legislation such as Kentucky HB 232, automatic redaction software can be used to safeguard the integrity and confidentiality of student records and information. These redaction software programs allow educational institutions to render student data inaccessible, ensuring that it won’t be able to fall into the hands of cybercriminals and other bad actors. What’s more, as these software programs contain automatic functionality, educators can also save valuable time and resources when protecting student data and privacy, instead of allocating these resources to other areas of education such as the pursuit of post-secondary educational opportunities.

Just as the advent of cloud computing has altered the manner in which professionals handle their responsibilities and tasks in the business world, the technology has also changed the way in which students pursue their education. To this end, Kentucky HB 232 gives parents within the state the peace of mind that the personal privacy of their school-aged children cannot be infringed upon without consequence. As students do not have the means to protect themselves from the adverse effects of being involved in a cyberattack, legislation such as HB 232 is very much needed to prevent such occurrences whenever possible.

Related Reads

Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy
September 06, 2023 | 4 minutes read
Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy

Body-worn cameras are an essential piece of equipment for law enforcement officers and the redaction of faces from BWC footage is necessary to protect the privacy of individuals.

Learn More »
Sensitive Information, Protected: Patient Privacy, HIPAA, And You
August 30, 2023 | 4 minutes read
Sensitive Information, Protected: Patient Privacy, HIPAA, And You

HIPAA compliance ensures patient privacy. Often making the consequences of non-compliance severe, so how do you avoid that?

Learn More »
Protecting Privacy in the Healthcare Field: PII, PHI & PCI
July 12, 2023 | 5 minutes read
Protecting Privacy in the Healthcare Field: PII, PHI & PCI

Healthcare professionals handle a wide range of sensitive data that is crucial for delivering quality care. But protecting that data is getting harder.

Learn More »
The Gap You Won’t Want to Close: Air-Gapped Systems
June 05, 2023 | 6 minutes read
The Gap You Won’t Want to Close: Air-Gapped Systems

An air-gapped system is a computer, or network that is physically isolated from any external connections and networks which includes the Internet. It operates in total isolation with neither wired nor wireless connections to other devices.

Learn More »
What’s the Best Redaction Software for Your Organization?
February 24, 2023 | 10 minutes read
What’s the Best Redaction Software for Your Organization?

Not everyone understands the tedious work that goes into manually redacting a long video, monotonous documentation, and intense audio. Finding the right redaction software that suits all your needs can take some time. Knowing your needs, researching your options, and asking the right questions along the way will make the process much easier. Here is a simple step-by-step guide to paving the way for you to obtain the best redaction tool for you.

Learn More »
What is a Data Subject Access Request? New Privacy Laws
January 11, 2023 | 4 minutes read
What is a Data Subject Access Request? New Privacy Laws

Data Subject Access Requests (DSAR) are the primary means by which a business can maintain transparency with the customers they serve.

Learn More »