Information about a data breach at one of the school’s business partners
We are writing to inform you that one of the school’s business partners has had a data breach during a data transfer task. The breach caused unauthorized access to data for staff and students during a 1-2 month period. The error has now been fixed, so the information can no longer be accessed. Further, data has not been accessible to anyone outside the school. Therefore, we assess that the risk of data misuse is very minimal.
We have prepared and developed a complete analysis, which provides information about who has accessed data and what information has been opened. The type of information includes general data as well as sensitive information. Therefore, the school’s management will, of course, take the necessary steps concerning the few people who have accessed data unauthorized. The school will also contact persons whose data has been accessed without authorization.
Throughout the process of the data breach, Rygaards Skole has worked closely with our GDPR consultant and the business partner to have the error corrected. The Danish Data Protection Agency (Datatilsynet) has also been informed of the case.
We want to highlight that this is just a notice to inform you, and that you do not need to do anything. Should you have any questions, please feel free to contact our School Principal, Elsebeth Trap, at [email protected].
Kind regards,
The School’s Leadership