welcome back to student data privacy fundamentals. This lesson is defining your critical incident response.
In this video, you will learn what is a critical incident and how should you respond.
How to maintain business continuity during a critical incident.
What should be included in a disaster recovery plan and what should be included in a data breach response plan
control show ensure that this the district can recover from any damage to or breach of critical systems, data or information within a reasonable period of time.
Each school department or individual is required to report any instances immediately to the ice so or designee for response to a system emergency or other occurrence. For example, fire vandalism, system failure, data breach or natural disaster that damages or breaches data or systems,
document or attention. Business continuity and district board policies delineate the process for data retention for all district data, including backup requirements, the district will maintain systems that provide near line and offsite data backup. These systems shall allow for the full recovery of critical systems. In the event of a disaster,
you will want to stay how often your organization will complete a backup. For example, the district will test near line and off site backups quarterly.
The district's Technology disaster recovery plan outlines critical staff responsibilities and processes in the event of a disaster or critical data loss.
The district shall maintain a list of all critical systems and data, including contact Information
technology. Disaster Recovery plan shall include processes that enable the district to continue operations and efficiently restore any loss of data in the event of fire vandalism, natural disaster or critical system failure, which we will discuss. In a later lesson on the disaster recovery plan,
the data breach response plan addresses state law regarding a data breach response.
The plan enables the district to respond effectively and efficiently toe a data breach involving personally identifiable bull information or PII II,
confidential or protected information district, identifiable information and other significant cybersecurity incident.
The data breach response plan shall include processes to validate and contain the security breach. Analyze the breach to determine scope and composition, minimize impact to the users and provide notification
What are the differences between disaster recovery and a data breach?
A disaster recovery plan is used in case of a disaster like fire, flood tornado building collapse, etcetera, that could in turn effect data. In this situation, environmental factors may be the biggest threat. A data breach response plan is enacted when confidential data has been accessed without authorization.
A data breach is often a much more critical incident.
Then, when a disaster recovery plan is needed
In today's video, we discussed what is a critical incident and how should you respond?
How to maintain business continuity during a critical incident,
what should be included in a disaster recovery plan and what should be included in a data breach response plan.
This lesson completes module to In the next module, we will begin discussing the supplemental materials you will need for your data governance policy, beginning with defining your terms and federal regulations. See you soon.