Norfolk Public Schools (NPS) would like to acknowledge the error that resulted in the information of some students and staff being compromised. The information in question did not include actual medical records, student ID numbers or social security numbers. It did however address medical needs as they related to issues of mobility and other challenges that first responders would need to be aware of when coordinating the safe transport of students and staff during an evacuation or other crisis. For example, detailed information on Student A could have included specifics on an anxiety disorder that required extra care to be taken when evacuating a building or Employee B may have been listed as having diabetes or high blood pressure. This knowledge is critical in the event a crisis plan has to be executed. While the information is necessary for the comprehensive plans, it was incorrectly posted for public view, and for that, the administration apologizes for the error.
The information was to have been placed on the private domain area of BoardDocs, a platform used to manage materials for school board meetings, but was instead placed on the public domain. We have sought the advice of our legal counsel and have had internal conversations since the issue was brought to our attention, in an effort to address this situation. We absolutely take the privacy of students and staff seriously. We have been thoughtful in our approach to identifying where the breakdown in the process that led to the breach occurred and in remedying the situation. As we seek guidance from legal counsel in collaboration with the Family Compliance Office that enforces FERPA (the Family Educational Rights and Privacy Act), I assure you as your superintendent, our corrective action will include reaching out to all affected parties. We are committed to improving processes going forward and sincerely appreciate your understanding and continued support of NPS.