Part of the Bay Area News Group

MDUSD responds to questions regarding theft of laptop containing confidential employee information

By Theresa Harrington
Sunday, December 23rd, 2012 at 12:35 am in Education, Mt. Diablo school district.

After word of the theft of a Mt. Diablo district laptop containing confidential information spread Friday, I received the following news release from General Counsel Greg Rolen. Although it was sent to me on Dec. 21, it appears that the news release may have been written days earlier, before letters were sent to the affected employees on Dec. 18.

“Concord – On December 1, 2012, a thief broke a window at the offices of Mt. Diablo Unified School District (‘district’) and stole a password-protected, unencrypted laptop. Law enforcement and district staff were immediately alerted by the office’s security system and have been investigating the incident. The stolen computer contained files that included names, dates of birth, addresses, and Social Security numbers for employees and former employees. No financial or bank account information was involved. The district has no reason to believe that the computer was stolen for the information on it or that the information on it has been improperly used in any way.

While the District has not received any reports of misuse, it will be sending letters to all individuals whose information was on the laptop by December 18, 2012. The letters will have instructions for enrolling in credit monitoring that is being paid for by the district. The district will also provide a dedicated call center for individuals who receive a letter to call.

The letters will be mailed to all individuals who worked at the District between 1998 and 2010. If you do not receive a letter by December 21, 2012, please visit our website where you will find instructions on how to find out if you are affected. We will use the United States Post Office change of address database to find current addresses.

‘We do not believe that any of the information was improperly used, however, as a precautionary measure, we are making this notification and offering eligible individuals one year of credit monitoring and assistance in identity theft protection,’ said Superintendent Dr. Steven Lawrence.

The district deeply regrets any inconvenience this incident may cause. To help prevent a similar incident from happening in the future, the district has implemented measures to minimize the use of employee Social Security numbers [and will install encryption on computers that contain sensitive information].”

After I attended a special board meeting at the district office Friday, Chief Financial Officer Bryan Richards told me that 15,927 letters had been sent to employees and former employees of the district. In addition, he told me that a second round of similar letters would be sent to 2,200 people who worked in the Berkeley school district between 2003-04, because their confidential information was also believed to have been on the laptop.

Richards confirmed that the laptop was stolen from his office and said it had been a “loaner” because his regular laptop was “in the shop.” Two bricks were found outside his office where a window was broken, he said.

The laptop had previously been used by an employee who had worked for the Berkeley district before coming to the Mt. Diablo district, he said. That employee no longer works for Mt. Diablo, he added.

Richards said the district didn’t notify employees sooner because it took a while to determine what was on the laptop, using a backup system. He also said it took a while to find the current addresses of the people whose information was on the laptop.

The social security information was left over from the time when districts used to put such data on payroll documents, Richards said. Now, he said, social security numbers are no longer used on pay check stubs.

Regarding the surveillance video, Richards said it was his understanding that it had been reviewed and that it was not possible to identify the suspect(s).

Board President Cheryl Hansen said she wasn’t sure how much it was costing the district to provide the identity theft service, but she thought it might be covered by district insurance. She said the board learned about the the theft during closed session Dec. 10, under “anticipated litigation,” since it’s possible that employees could hold the district liable if their identities are stolen.

Richards said the district has already begun implementing procedures that do not use social security numbers in documents. He has also begun exploring the possibility of using encryption, but no decision has been made about contracting for that service, he added.

The big outstanding question here is: Why did a “loaner” laptop that apparently wasn’t being used by any employee have all that confidential information on it? And how many other computers in the district may have this type of information on them and be loaned out to employees when their computers are in the shop?

Richards said his laptop, which was being repaired, did not contain this type of confidential information.

Trustee Brian Lawrence told me he wants to review the district’s security protocols and strengthen them, where they may be lacking. Clearly, computers should be wiped clean of confidential information when employees who are using them leave the district (or when the information is no longer being used).

Alicia Minyen has said the district needs to hire an internal auditor. I’m not sure if an internal auditor would have caught this, but it seems pretty likely that an internal auditor would not condone keeping this kind of data on “loaner” laptops.

What do you think the district should do to tighten up its protection of confidential employee information?

DEC. 28 UPDATE: I have just spoken to CFO Bryan Richards who clarified that the information was not on a “loaner” laptop after all. He said it was a laptop that had been reassigned to him by the Technology Information Systems Dept. and the data had been transferred from his previous computer, which was left-over from a previous CFO. He said he is not sure who brought the data to MDSUD from Berkeley.

In addition, Richards said he could not answer questions regarding how much it is costing to provide the free identity theft service. That question, along with any other legal or insurance questions, should be answered by Greg Rolen, he said. Unfortunately, however, Rolen has not yet responded to my phone message asking for more information.

DEC. 28 UPDATE: Here is a followup story that touches on questions about the theft being raised by MDUSD employees and retirees: http://bit.ly/10u3WLg

I will prepare a new blog post with additional information I received from Rolen and Richards.

[You can leave a response, or trackback from your own site.]

  • g

    Whatever they do it won’t be done before Solar, or before favored contractors are guaranteed their piece of the pie. Multiple Modulars stuck all over the place take precedent over student or site security. They do plan to upgrade, add digital, and other security system/alarms etc. in 2013.

    First thought: How many hands had “borrowed” that computer?

    Second: As Executives leave, don’t they lock their private office doors to secure sensitive files and computers? Or Was his door also broken into?

    Third: Just his office? Just his computer? Somebody was intent enough to bring their own bricks, but left with just one computer–or are we just being told about the one that had personnel information on it? Or were there loose bricks just lying around the building begging to be chucked at the windows?

    Fourth: 16,000 employees in 12 years is a whole-big-bunch of turnover.

    Fifth: How about this board gets with the new program. Start reporting out action taken in closed session ‘in a timely manner’ whether for approving expenditure of funds for Experian, or -whatever. Ten days after it happened, ‘somebody’ knew if Experian was covered by insurance. Wasn’t that ascertained? Why does Cheryl just “think” it might be? I thought the district was ‘self insured’ for most things. If so, that certainly doesn’t make Experian cost any less–it’ll just come out of a different bucket.

    Sixth: They reported the theft to the CA State Attorney General 10-12 days earlier than they reported to the employees.

    https://oag.ca.gov/ecrime/databreach/reports/sb24-37238

    By law if more than 500 people are affected, they have to report it to the State.

    So, how about telling the folks who count. ‘We couldn’t warn people until we confirmed 18,000 addresses’ is: A) a crock. How about your 5000 current employees immediately, and the rest as soon as you could.

    We are counting on This board to not hide closed session information until it is “convenient” to make it public.

    Seventh: Strike one.

  • Doctor J

    Show us the surveillance video — its a public record. Lets hear the 911 or other police tape recordings of the reporting of the crime.

  • Doctor J

    ComputerGATE — Richards must have known what information was on this computer — why did he leave it on ? Why didn’t he secure his computer before he left Friday night ? Who is the person(s) that put this information on the computer ? Why wasn’t the computer “wiped clean” by IT before it was “lent out” ? Did Berhart and Whitmarsh ever return their computers to MDUSD ? Has their access to MDUSD reccords been eliminated ?

  • Doctor J

    Berkeley Unified — has anyone asked that district how its confidential employee information got onto a MDUSD computer ? They have a major security breach themselves. Have they reported the data breach to the California Attorney General ?

  • Rich

    Theresa,
    I think you have a major story here. The explainations by the district of what occurred are questionable. The Concord Police department is providing very little information. The events involve at least three of the district heads. There will probably be 2,000 employees involved with notification before this is over. I would not be surprised to see other media outlets coming in on this. It will be interesting to see how board votes on administration contracts.

  • Rich

    Sorry guys, I meant 20,000 employees, not 2,000.

  • Doctor J

    @Rich#5 Bryan Richards already said the letter went out to 16,000 current and former employees — plus there is another 2,000 from Berkeley, which I would presume that MDUSD has to obtain current mailing info from Berkeley. That is at least 18,000 affected employees. Lots of unanswered leadership and policy questions, potential liability, etc. We await answers to these questions. If Steven thinks he can use Christmas and New Year’s to shield himself, its time to dial his cell phone.

  • Doctor J

    One of my insurance friends just told me that a big question that should be asked [hint hint Theresa] — how much is the insurance deductible ? And when is the renewal date for the policy so follow up can be made if the district will be cancelled. He also said a copy of the insurance application and policy should be obtained to see if the districts representations were accurate and what are the “exclusions” for these type of event as the insurance company may be “denying coverage”.

  • Theresa Harrington

    There is now a large message in red on the district’s home page with information for employees and former employees who received a letter from the district: http://www.mdusd.org/Pages/default.aspx

    Regarding accountability, the district’s organization chart shows that Richards oversees IT and Technology Services, which should be responsible for erasing sensitive data from loaner laptops: http://www.mdusd.org/superintendent/Documents/org-chart.pdf.

    Also, although it isn’t listed, Greg Rolen oversees risk management. As I recall, that was also part of the justification for his $30,000 salary increase. Obviously, the buck stops with the superintendent and the board.

    Linda Mayo was the trustee who helped put together the agenda for the Dec. 10 meeting and she reported out of the closed session. Hopefully, agendas from now on will give more detail about what is being discussed and reports out will be more thorough.

    It appears that the board is still looking to Rolen and the superintendent for guidance regarding how much to say about these issues. Trustee Barbara Oaks told me she couldn’t say anything, but she confirmed that this was discussed Dec. 10. Trustee Brian Lawrence said he could confirm what I already knew, but he said the district was trying to balance the need to inform the public with the need to protect employees. Hansen said she didn’t want to compromise the police investigation by saying too much, but she’s the one who acknowledged the district could face lawsuits from employees over this. They all referred me to Rolen for more information.

  • Hell Freezing Over

    1. How did the “district” end up with this computer? Please tell us someone at the “district” can trace this computer back to it purchase order date and any “maintenance” performed on it. For that matter, how many laptops does the “district” own and what is the status of those assets? Don’t forget the “district” recently obtained a boatload of iPads; where are are all of those assets, who is using them and how are they being used?

    2. How can a computer be “used” by an employee who worked in one district (Berkeley), and then by the same employee who worked in another district (MDUSD)? Computers owned by the “district” don’t follow an employee from one place of employment to another, so how and why did Berkeley employee data get put on this MDUSD owned computer? What other data was stored on this computer?

    3. Who had access to / use of this computer in its lifetime? There has to be a list of “ownership” for this computer showing who used it, when they used it and when it was returned it. If it was a loaner, I’m shocked that it wasn’t wiped clean before being handed out to another employee for use, no matter how short of a time that may be.

    4. Why would any employee of either “district” have this type of information on a computer? The only area with the need to access the type of data found on it would be personnel dept staff. Note: Needing to access files and having data stored on a computer are two very different things.

    5. Who is the person who was employed in both districts that Richards said used this computer and is no longer with the “district”? When did the employee who had used this computer as their primary computer leave, and for what reason?

    Sooooo many questions … What a mess for all involved. I would bet voice mail and email inboxes at Dent have been maxed out by extremely anxious and pissed off former / current employees as they learn of this breach of personal information when they recieve their letter in the mail over the holiday break. Postage must have cost us – the MDUSD community and families – thousands of $$$$ alone; then there is the cost of the ink in the printers, the paper to print the notice on, the printed envelopes to mail the letters in, the electricity to run the printers and postage machines, the time of Dent staff to compose, stuff and mail those notices … And there will be lawsuits filed … We will never truly know the real cost of this mess.

  • g

    Theresa: I can find nowhere that this “News Release” was ever published. Not in the Times, or on the district website. I wonder, did the district mail one letter to tell 18,000 people that a second letter would be coming?

  • Rich

    Dear Frozenover
    To Muddy things a bit more:
    1. There are a lot of computers, privately owned by staff members, that are on the MDUSD system.
    2. That may give you a partial answer to your #2.
    3. Good luck on the ownership issue. There are so few techs and so little money for equipment that I would be “shocked” if there were notes on the use of a computer.
    4. It took a lot of work to get the district to give us an employee number rather than a Social Security number. There were a lot of documents out there with our SSN and we complained about this back in the 90′s to get it changed.
    4-5. Every year, we met with a representative from an insurance firm that the district brought in, that went over our buying disability insurance, cancer insurance, 403b accounts and other types of products. You’d set down with these folks and they would type your name in the laptop and, guess what? You’re SSN and date of birth would show up on their screen. There was no CAT5 cable going to the laptop, just a power cord. I could only guess that they already had a copy our records in advance. The same representatives worked a number of districts.
    As a teacher, I heard very few concerns about our ID security. We had too many other things to worry about.

  • Pat

    Mr. Richards should be fired for the shocking disregard of private employee personal information. To leave a laptop with this information on his desk when he is not at work is beyond irresponsible. Do folks realize that the rest of our lives we will have to have credit monitoring? And since this insurance does not monitor bank or credit card accounts, we will have to monitor them ourselves, and/or purchase special insurance that covers account theft. With social security numbers and birth dates, thieves can wipe out our bank accounts. Also, this insurance does not put a 7 year credit freeze on our accounts at the three credit agencies. If you want that you will have to file your own theft report with the police.

  • Doctor J

    Police investigation ? I thought they gave up — just referred back to the district and are depending on insurance to follow up.

  • Hell Freezing Over

    Rich #12 – wow. Incredible. Your post should have our new board member Brian Lawrence (tech executive) twitching and spitting nails.

    Your response on #1 is simply astonishing. Im still trying to pick myself up off the floor after reading the rest of your responses.

  • Anon

    Congratulations to the district and the times. By publicizing that the computer contains valuable information, you have just turned a $100 P.O.S. computer into something much more valuable and now there is a real possibility that the information will end up in the hands of evil doers. More great reporting!

  • Theresa Harrington

    g: News releases are not published verbatim in the Times. They are supposed to be sent to news organizations and then it’s up to the news outlet to decide what to do with it. But, the district has a habit of not seeming to understand how to prepare and distribute a news release. Remember back when Deb Cooksey produced a “News Release” about union negotiations, but failed to actually send it to any news organizations? She said she had left copies of it in the back of the room at a board meeting, where I didn’t see it and I don’t think any other news organizations saw it either. The district didn’t get around to posting that “news release” on its website until after the board meeting, when it was too late for anyone to respond to it. At that time, I explained to Cooksey that news releases are normally sent or faxed to news organizations. She responded: “I’m just learning.”
    The “news release” I received was emailed to me by Rolen, but I don’t know if it was sent to any other news organizations. The release itself was not dated. However, since it refers to the Dec. 18 mailings as though they will occur in the future, it appears it was written before that date, but not sent out until Dec. 21.
    The superintendent’s messages to the community are also often called “news updates.” These are normally posted on the district’s website.
    It’s unclear why the district didn’t post this “news release” on its website. That’s why I posted it, so the public could see exactly what was sent to me (and possibly to other media outlets).

  • Theresa Harrington

    Anon: That information was in the “news release” sent out by Rolen. If the district didn’t want that information to appear in the press, why did it include it in its own press release?

  • Giorgio C.

    Has the MDUSD had a district Performance Evaluation performed in recent years, such as the one WCCUSD requested, found here?

    http://www.wccusd.net/cms/lib03/CA01001466/Centricity/Domain/90/MGTFinal-WCCUSD.pdf

    Such evaluations tell the Superintendent and Board where any weaknesses might exist. They are a powerful tool for the quality improvement process. If this has been done, where can we find this document?

  • Rich

    Dear Anon and the Evil Doers,

    There’s also the good chance that with this knowledge, we can protect our personel credit information. So, thanks Theressa for getting out the information and publishing it and thanks MDUSD for getting personel ID protection for us. It’s not a perfect answer but we needed to know.

  • http://www.k12reboot.com Jim

    @17 — “I explained to Cooksey that news releases are normally sent or faxed to news organizations. She responded: ‘I’m just learning.’”

    That’s the problem, isn’t it? At MDUSD, the six-figure-a-year administrators are always “just learning” about the things that most adult professionals understand within the first year or two on the job. Meetings should have agendas. Agendas should be circulated prior to meetings. Contracts should be read before being approved. Press releases should be — get this — released to the press. And now, they are “just learning” that confidential, personally identifiable employee information should not be kept in unencrypted form on unsecured “loaner” laptops that get passed around an organization and left on desks overnight.

    Again we must ask, do you really think these “learners” should be in charge of ANYONE’s education?

  • Brian Lawrence

    On Dec. 10, at my first meeting as a MDUSD Board Member, we were informed of this crime in closed session. It was not reported out to the public immediately because of the concern that detailing exactly what had been stolen would actually make the stolen item more valuable to the criminal.

    At the Jan. 14th Board meeting, our next regularly scheduled one, I’ll be requesting a full reporting on this matter during public session. I’m compiling a list of questions that I will be asking the Superintendent and General Counsel- I will share my questions with the public prior to the meeting.

    The Board’s duty is to understand exactly what happened and how we can prevent anything like this from happening again.

    I can be reached at brian@briantlawrence.com if you have additional questions or comments.

    Thank you.

  • Hell Freezing Over

    Anon #16 – that information should have never been saved to that “$100 P.O.S. computer” as you call it, in the first place. Any fault for any outcome of the theft is squarely on the district tech dept and then the CFO, who compounded that mistake by leaving the “P.O.S. computer” unattended and not secured on his desk in plain view.

  • Theresa Harrington

    Brian, Thank you for responding.
    I understand that Trustee Linda Mayo made her own public comment before the first closed session on Friday, suggesting that she thought it was inappropriate for board members to comment on blogs. I surmise by the fact that you are still responding to questions on this blog that you disagree with her assessment.
    Since I wasn’t there to hear what she said first-hand (and the district still hasn’t posted the audio), could you please recap it for us and let us know why you apparently do believe it is appropriate for trustees to use this forum to communicate with the public?

  • Brian Lawrence

    Theresa,

    One of the things on my list to tackle is to work to have a way to broadcast the meetings in real time on the web- I’ll be working on that one in January. Ideally it would also have a video archive that would be immediately accessible.

    I am open to having productive, respectful conversations in lots of different formats- blogs being one of them. I won’t presume to speak for Mrs. Mayo.

  • g

    Brian; Thank you for your candor. Now, just be careful and don’t step on the dog’s tail by offering your opinions of the board’s pending issues, lest you be accused of using the Blogs to try to influence other board votes.

    Believe it or not, the watchdogs don’t just want things OUR way.

    We want them the RIGHT way!

    None of us want things that need to be kept confidential by law, to be leaked out of closed session. However, if any sort of collective Action was taken — on anything really — but specifically in this case to instruct staff to expend funds, ie. Experian, you simply should have stayed in closed session until you came up with a responsible way to report that out.

    Of course you could have just instructed council to “proceed as necessary”, and then voted to “continue” the item to the next meeting.

    Then your Report Out would have been. “Discussion and finalizing of one Pending Litigation item has been continued to Jan 14, and we will report our findings on that date.”

    Now how easy was that?

    Please don’t leave room for us to have to come after this shiny new board over making decisions in closed session and not properly reporting it. Secretive discussions and approvals of Grand Jury responses come to mind.

  • Giorgio C.

    @17:
    Theresa,
    The “I’m just learning” excuse does not hold water. The very fact that you (a non-employee) are having to articulate protocol to a district employee is a BIG problem.

    When “I am just learning”, I rely on reading written procedures until I have learned them. The superintendent is responsible for making sure these procedures have been drafted and distributed to appropriate staff. If the procedures are incomplete, then DC cannot be held accountable. That is the Superintendent’s responsibility, who is assessed by the school board.

    Sample Superintendent Performance Assessment form
    http://boe.wood.k12.wv.us/policies/approved/2111.pdf

    Changes to procedures are also distributed with a “Change in Policy” communication. All documents are accompanied by an attestation signature sheet. This is why I previously referenced the district Performance Evaluation, because the auditor will point out deficiencies in communication and procedures. I would have asked “DC” for a copy of the News Release Procedure she is learning from. You can still do this, Theresa.

    Whenever there is a major incident, a board member should get out the org chart, job descriptions, and all relevant training documents. Sometimes, honest mistakes are made. Sometimes, cash-strapped districts are the victims of numerous mistakes because they are forced to hire the least experienced or least qualified staff. This includes teachers and administrators.

    For this reason, it is incumbent upon the Superintendent to ensure these new employees who are just learning have all necessary reference documents at their disposal. The Superintendent must create an environment that mitigates the ill-effects of the “I’m just learning” scenario.

  • Brian Lawrence

    G,

    Board President Cheryl Hansen reported out the Dec. 21 closed session with substantive detail. That will be the standard going forward.

  • Pat

    I have two friends in their eighties who retired from teaching before the 1998 date listed in the newspaper article. They received letters Saturday. And they don’t know what to do since the news release says 1998, the letter says 1998 and yet they have an activation code for the ID Protect. So how far back does this apply to retirees? And should they enroll?

  • Pat

    Further, the last word in the link that the district listed in the letter for the security service is “/protect”. That should read “/enroll”. If you linked to the former, it instructs you to purchase the product. If you go to the later it instructs you to enroll with your activation code. The customer service personnel will cancel it if you accidentally sign up to pay yourself because of going to the wrong part of the site. The representative I spoke with said it was unfortunate that the district listed the link incorrectly and that they were fielding lots of calls because of this.

  • Doctor J

    24 days since the burglary of a single laptop containing confidential information — the Concord police don’t work property crimes that hard — no arrests, no suspects, and 18,000 victims. More questions every day. Silence from the “point man” Greg Rolen — his SOP. Steven Lawrence won’t release the surveilance video — might the public not recognize the perp ? Maybe that’s what they are afraid of.

  • Doctor J

    @Brian#28 I laud the “new standard” but there haven’t been any communications about what she reported nor the contents of the Taber discussion. The district hasn’t posted the audio, it appears that the voting record on the electronic agenda wasn’t used, and so we don’t know who voted for what, so the public is once again left “in the dark”. I know you are going to propose live webcam, but in the meantime . . . for the public, its DDSS.

  • Theresa Harrington

    Dr. J: Although I have not yet had time to post the video clips, I have already reported out what Hansen said and how the board voted.
    Again, Hansen said the board discussed exactly what was written on the agenda — anticipated litigation from Wendy Lack and the five district employees whose contracts are at issue. She said the board would publicly discuss its response to Lack’s cure and correct letter Jan. 14.
    The board unanimously approved the Taber contract after a lengthy presentation by Pete Pedersen and Tim Cody. As usual, however, the PowerPoint presentation was not posted online before the meeting and it is still not posted: http://esbpublic.mdusd.k12.ca.us/public_itemview.aspx?ItemId=6135&mtgId=390
    Although Pedersen promised to send it to me, I haven’t yet received it.
    If the board is truly pushing for transparency, these PowerPoints should be uploaded BEFORE the meeting begins, so the public can see them ahead of time and possibly even comment on them before the board votes. If they are not posted before the meeting, paper copies of them should be distributed during the meeting and they should be posted immediately after the meeting.
    Often, when I ask the superintendent’s secretary why these aren’t posted, she says the staff member (or other person giving the presentation, such as Jon Isom), never gave it to her. This isn’t rocket science. If the board requires staff to give Powerpoints to the superintendent’s secretary, she can ensure that they get posted. If the board doesn’t insist on this, the public may never see the Powerpoints unless they are sitting in the room when they are presented. And even then, they won’t be able to review them before or afterwards.

  • Brian Lawrence

    I think it is reasonable to give at least one business day for the voting record to be posted. The special session took place on Friday and ended after 7:30 PM. I’ll ask/request that it be posted by COB on Wednesday. ESB was not used for the meeting- we may look at another system- certainly seems to have limitations.

    Theresa- you raise a very good point and one I’ve mentioned before. At the start of each presentation, I’ll ask if it has been posted for the public. The District absolutely should be posting these before meetings. In the interim, I will post them myself whenever possible and/or necessary.

    Board President Hansen did also report out that the Board had unanimously voted to schedule the Superintendent’s evaluation for January. I don’t have the exact wording of it, but that was the gist of it. That was the result of the second closed session.

  • http://www.k12reboot.com Jim

    @34 — Good news that the Superintendent’s evaluation is finally going to be conducted, after so many questionable years on the job. And since his current contract extension apparently wasn’t legal, perhaps the evaluation can now be completed BEFORE a final contract extension commitment is made. Imagine that! Doing things in the appropriate order for once!

    It is all happening ever so sloooowly, but the Board may finally be showing the “learners” at MDUSD how their $300 million/yr enterprise ought to be managed. There may be limits to how much this dysfunctional district can be reformed, but at least now maybe it doesn’t have to remain the laughing stock of Northern California.

  • g

    What was discussed in that second closed session? At Comment #160 under MDUSD BOARD ACCUSED OF VIOLATING BROWN ACT, Theresa says: “Closed session is going seriously overtime. I was unable to get to the first closed session, but heard that Ernie DeTrinidad and Wendy Lack spoke. DeTrinidad reportedly asked for more information about the cure and correct process and Lack read a cure and correct letter from Alicia Minyen, which I will post shortly.”

    That “seriously overtime” Closed Session was used solely for covering the Supt. evaluation; right?

  • g

    The way agenda should be handled (IMHO):
    The board would:
    Insist that if back-up documents/powerpoints are not ready to be published online with 72 hr lead standards, the Agenda will be noted, stating: “Documents will be posted no later than 24 hours before meeting time.” If docs cannot be published at least 24 hrs in advance, the agenda should state (24hrs in advance): “Documents unavailable” AND “Item continued in its entirety until the next meeting.”

    Of course there may be an ‘occasional’ exception, due to an urgent need to rush something onto an agenda, but history shows that links to many back-up docs never make it to the Agenda site, or are added later–without clarification–that makes it look like those documents were posted prior to the meeting. Too often, well after the fact we are told: “Oh, ‘that document’ is/will be posted over on the (whatever) site.” –go fish.

  • Anon

    And a Merry Christmas to All and to All a Good Night. May you enjoy the blessings of family and friends in this joyous season.

  • Doctor J

    I would like to see the Board demanding detailed wirtten staff reports supporting their recommendations — posted at least 72 hours with the agenda so the public and board members alike can consider the proposals. The problem with the powerpoints is that they have become “fluff” with just a few bullet points and little detail to support the conclusions. Of course the public is invited for comment prior to the powerpoints, and really can’t address the issues, nor critically consider the proposals. Powerpoints should never have replaced detailed staff reports. One of the problems with Monday Board meetings, is that the Board and the public lose the ability to ask questions about the proposals over the weekends when staff generally is not available to answer those questions.

  • Doctor J

    Another lie by Steven Lawrence ? He said: “The letters will have instructions for enrolling in credit monitoring that is being paid for by the district.” paid for by the district ? A teacher on Claycord is reporting that it is “free” to anyone who has a security breach. Who is telling the truth ? How much is it does it “cost” the district per person who signs up ? Does Expirian then sell your enrollment information to advertisers ?

  • Theresa Harrington

    g: Sorry my comment about the closed session going overtime was confusing. I was referring to the first closed session. I meant that I didn’t get there for the beginning of it to hear the public comments before it. I arrived at 5 p.m. for the regular meeting, but the closed session went about 25 mins late. I did not hang out for the report out of the second closed session, in which trustees discussed the superintendent’s evaluation.

  • g

    Thanks for explaining, Theresa. Next questions for the Jan 16 report:

    1) What is it costing internally – mail costs, new encryption service company, etc?

    2) How did they decide on Experian? Did they go out for bids to see which company gives the best service – for the best rates?

    Not sure about any discounts for large enrollments, but individually, Lifelock is about $12 per year less than Experian and is more highly rated.

  • g

    The recording of the 12/10 board meeting is “Partial” leaving the public in the dark.

    The recording of the 12/21 Special meeting is posted. Unfortunately, it does NOT include any of the reporting out of the closed sessions. Direct from the district site there is 49min01seconds. It jumps from going into the first Closed Session directly to the Open Session. When downloaded to get full results, there is still no reporting out of the first Closed Session. Then, the recording ends at just over 51minutes with Ms Hansen closing the Open session, and saying “We will now go into Closed Session.”

    Where can we listen to or see published transcripts of the Reporting Out of both closed sessions?

  • Rich

    Those that received the district letter need to read the entire 2 1/2 pages. There’s a lot of work to do. I was informed by a retired colleague that the FBI considers this a theft of our personal identification information. On the district letter, it advises to contact the FTC. The FTC advises each of us that is concerned to file a police report and do a variety of things for our credit protection.
    Please take the time to protect yourself.

  • Rich

    There’s more,
    Our letters were mailed from Claysburg, Pennsylvania and the district’s link for those that received letters takes you to what looks like a Power Point… that doesn’t work.

  • Rich

    So I checked out Protect My ID. Of course they’re part of Expedian and they have a program “Data Breach Resolution.” I read all the reviews I could stomach. There were no comments about Protect My ID protecting them. There were many complaints about Protect My ID charging monthly fees without permision.
    It was when I found Expedian’s “Data Breach Resolution” video that I felt complete. Here’s the link for the video: http://www.experian.com/blogs/data-breach/2012/01/31/947/

  • Doctor J

    So which police department do you call ? Can you imagine the Concord Police getting 18,000 calls because Steven Lawrence asked them to follow the instructions in his letter ? Concord Police where the burglary occurred ? Or the Police Department where you live ?

  • Doctor J

    @G#43 I guess Brian Lawrence wasn’t aware that staff has not been instructed to record “all” of the reporting of the Open Session that would include the reports on the “closed sessions” which would require staff to remain until the completion of the meeting.

  • g

    Dr J: Are you insinuating that Dr. Steven Lawrence, the board secretary, does not know the importance of, or how to, turn a recording device on as soon as Open Session starts, or keep a recording button turned on until the gavel comes down, or how to turn it off, pop a disc, secure same?

    Maybe he also needs an “Exhibit A.” ;=)

  • Theresa Harrington

    I specifically asked Joe Estrada if he recorded the open session before the first closed session and he said he did. He also said it would be part of the audio that would be posted on the website. I recorded the first report out of closed session and will post it in the morning, along with the Taber discussion and vote (I’m back at work Thursday and Friday).