Skip to the main content.

Modernize & Transform

Built to help you reimagine IT operations, empower your workforce, and leverage AI-powered tools to stay ahead of the curve.

Untitled design (3)

Empower My Team

We bring together the best of Microsoft’s cloud ecosystem and productivity tools to help your people thrive.

Untitled design (3)

Build My Infrastructure

We offer a comprehensive suite of infrastructure services tailored to support your business goals today and scale for the future

Untitled design (3)

IT Services

Our managed and co-managed IT service plans deliver a responsive and innovative engagement to support your IT needs, improve employee experience, and drive growth for your business. 

Untitled design (3)

Cybersecurity Services

Sourcepass offers innovative solutions, including SOC, GRC, Security Assessments, and more to protect your business.

Untitled design (3)

Professional Services

Grow your business with cloud migrations, infrastructure refreshes, M&A integrations, staff augmentation, technical assessments, and more.

Untitled design (3)

Resource Library

Stay ahead, stay connected, and discover the future of IT with Sourcepass.

Untitled design (3)

Events & Webinars

Dive into a dynamic calendar of webinars and in-person gatherings designed to illuminate the latest in managed IT services, cybersecurity, and automation.

Untitled design (3)

 

The Sourcepass Story

Sourcepass aims to be different. It is owned and operated by technology, security, and managed services experts who are passionate about delivering an IT experience that clients love.

Untitled design (3)

The Sourcepass Experience

At Sourcepass, we’re rewriting the IT and cybersecurity experience by helping businesses focus on what they do best, while we deliver the infrastructure, insights, and innovation to help them thrive.

Untitled design (3)

 

Are You Keeping Up with New York State Education Law 2-D Compliance?

 
Are You Keeping Up with New York State Education Law 2-D Compliance?

Complying with any form of regulation can be difficult, but it’s especially important for New York State school districts to stay up to date with Education Law 2-D. This system has undergone some updates since inception — are you sure you’re still compliant? 

What Is NYS Education Law 2-d?

First enacted in 2014, Education Law 2-D was developed to protect the personally identifiable information (PII) of students and education professionals. The intention was to better protect this data as it was collected, accessed, and stored in centralized school board databases, which were becoming targets for more and more sophisticated cyber-attacks.

In 2019, new additions to Education Law 2-d were proposed, including the adoption of the National Institute for Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 (CSF, or Cybersecurity Framework). Furthermore, school districts must appoint at least one “protection officer”, similar to information security roles defined in HIPAA compliance for the healthcare industry.

Are you sure you’re compliant with Education Law 2-D? If your last review was in 2014, you may not have kept up with the more recent developments.

3 Tips for Managing Your Education Law Compliance

These tips will both help to give you a clearer idea of where your organization currently stands, and help you better understand your obstacles as you prepare to make the changes needed to reach compliance.

Delegate Important Roles

Someone on your staff, or your IT support provider, should be taking on the role of Privacy and Security Officer for your organization. While not specifically asked for, you’ll also need to have members of your team handling compliance documentation.

Individuals with good organizational and writing skills are needed in this position, given that documenting your actions is a substantial requirement of education law compliance.


Gather Necessary Information Through Assessment

You can’t make any of the necessary changes to your current education law compliance if you don’t know your current situation. Whomever you delegate as the compliance officer will need to start by gathering crucial information about the state of your compliance. This is one way in which your IT partner can be so helpful.  
 
An IT company like Sourcepass that specializes in education law compliance offers assessment and audit services that double-check an organization’s compliance against widely accepted best practices.


Train Your Employees

One the right organizations and policies are in place, the last part of your cybersecurity defense that needs attention is you and your employees.  
 
A comprehensive compliance and cybersecurity training program will teach your staff how to handle a range of potential situations including:

    • How to participate in the compliance management process, 

    • How to identify and address suspicious emails, phishing attempts, and social engineering tactics,

    • How to use business technology without exposing patient data and other assets to external threats by accident,

    • How to respond when you suspect that your organization is non-compliant. 

IT and Compliance Services with Sourcepass

Don’t put your compliance at riskWork with a qualified partner to develop an assessment, strategy, remediation plan, and on-going compliance management process to improve the efficiency and effectiveness of your program. 
 
Michael Ducsak is the Sourcepass Chief Information Security Officer. Reach out to Michael at (877) 678-8080.