Childhood is Fleeting, Data is Forever
by Sue Greenwald, M.D.
photo credit: freepik.com
My husband spent 31 of his teaching years at Kearney Public Schools. He loved every minute. He retired as of Christmas of 2018.
Seven years later, he received a letter from the KPS district. It started with a sentence about the district’s commitment to protecting the security of his information, and then went on to describe a massive data breach. In November 2025, KPS notified him that “systems within our computer network” were accessed, and my husband’s file containing his “name, Social Security number, direct deposit information and possibly driver’s license number” was compromised.
The district is offering one year of identity theft protection, hopefully paid for by insurance and not taxpayers.
Upon speaking with another ex-school employee, we learned that she received the same letter. She has not worked for KPS in over 10 years.
The question isn’t so much why there was a breach, as every system is unfortunately at risk. The question is, why would the district keep employee Social Security Numbers, bank accounts, and driver’s license information on their database 7 or 10 years after employment? Does anything ever get purged? Do we need a state law for that?
Such personal information is needed for direct deposit payments. In the unlikely event that a teacher who had been gone 7 years wanted to substitute teach, the information could be re-entered easily enough. Our personal bank data does not need to be saved by the school district in perpetuity.
Teachers get a state pension. That comes from an office in Lincoln and presumably all the same data is on the state computer system.
Which leads me to another question. When KPS says “systems within our computer network” were compromised, what does that actually mean?
The school districts data-share with the Nebraska Dept. of Education and Dept. of Health and Human Services. Those state agencies also data-share with the U.S. Department of Education and the U.S. Dept. of Health and Human Services (DHHS). That is a pretty vast potential network, and I would bet the farm that nothing is ever purged from those computers.
Earlier this month we wrote an article about how your local public preschool is sharing data with DHHS, and the Nebraska Department of Education received a grant to make sure it is seamless. Because “the ability to gather and combine multiple sources of early childhood data is essential to gaining a better understanding of how early childhood experiences affect students’ later educational performance and outcomes.”
The legislature approved up to $250,000 to set up a shared database between your preschool and the Dept of Health and Human Services. In true federal grant fashion, the feds initially paid to collect your data, but now it will fall to state taxpayers to fund the FTE’s (full time employees) and the cloud hosting and travel. The details are enlightening. Notice the goal is to “examine barriers” to implementation of a system. Apparently, it is a foregone conclusion the system is necessary.
See Example 2 in this article:
From the NDE website, this Early Childhood Integrated Data System (ECIDS) seems to want your family and workplace data, along with your child care provider data and preschool information. All that is required for your family to enter this data collection merry-go-round is to sign up for free preschool.
(I have no knowledge of student data being involved with the KPS data breach, but doesn’t this ECIDS look like a disaster waiting to happen?)
The Nebraska Dept of Education (NDE) also shares data with the Nebraska court system, per this 2023 state law regarding juvenile offenders. From the grant:
RATIONALE/BACKGROUND INFORMATION: In June 2023, the Nebraska Legislature passed LB 705 which included a provision for multiple state agencies to enter into a memorandum of understanding (MOU) to inform future data sharing policies and procedures, as it pertains to educational outcomes of systems involved youth. Per N.R.S. 79-303.01, “On or before October 1, 2023, the State Department of Education, the Department of Health and Human Services, the Office of Probation Administration, and the State Court Administrator shall enter into a memorandum of understanding for the sharing of data relevant to students who are under the jurisdiction of the juvenile court.
Every few years, the NDE receives a multi-million dollar grant to update something called the Statewide Longitudinal Data System (SLDS). This includes data from everyone in education, from preschool to staff, and the storage and sharing of the data seems intentionally murky. There are references to “multi-agency” use, but I could not locate specifics on which agencies.
From Education Commission of the States: ecs.org
State education data systems that began as tools for compliance are increasingly becoming engines of improvement. At their most effective, statewide longitudinal data systems (SLDSs) give policymakers, educators and learners the information they need to create pathways to prosperity from early learning into the workforce. State leaders have been working with the federal government, nongovernmental organizations and members of the public to envision, create and strengthen such systems.
The fact that NGO’s are involved is an immediate red flag in my opinion, so I followed that thread. The organizing NGO is called the Data Quality Campaign (dataqualitycampaign.org) and the keepers of the data are called the Data Governance Committee (DGC).
From datarepublican.com, the Data Quality Campaign is not funded by the government, but it is funded by the usual suspects. Zuckerberg, Gates, and Walton are the names I recognize. I guess we now know who is on the Data Governance Committee.
The grant money, however, does indeed come from a division of the U.S. Dept of Education.
Nebraska received a $4 million grant to integrate the juvenile offender program into the SLDS. The details are here if you would like to read them.
It certainly appears that federal tax dollars from the U.S. Dept. of Education are funding the collection of data from our schools through the Statewide Longitudinal Data System and this private entity, Data Quality Campaign, is where it lands.
Is it any wonder that “Systems Integration” is all the rage in education these days, and the scheme is handsomely rewarded with grant money?
The next thing to be integrated will be the reporting of every student’s social, emotional and mental health via MTSS. But that is another article.
There is clearly a universal interest in collecting data from every aspect of our lives, especially that of the youngest children.
Essentially the entire population’s data is captured by the education system. Even home schoolers are affected by this trend.
Personal data is more valuable than gold, yet there has been precious little thought given to protecting it. Breaches are going to happen. Once your identity is stolen, you can’t just buy a new one. It is a lifelong problem for the victim.
I do believe our state and local officials have good intentions, but they need to be educated on which questions to ask.
Any time personal data is collected for any reason, the question of where it will be stored, who it will be shared with, and how it will be protected, needs to be asked. Then, that detail needs to be shared with the people who are affected. Did any of our students or school staff consent to the dissemination of their data?
This is where the public needs to make some noise. We cannot assume competence or confidentiality from our government at the state or local level, and we can almost presume nefarious intention at the federal level.
Every grant comes with strings attached. Every grant should be relentlessly picked apart before it is accepted. The days of trusting the government are over.
Nebraskans need to insist that every new proposed law, statute, or grant considered by any government entity has a privacy impact review. Any grant money offered to facilitate data collection should be looked at with a very jaundiced eye.
Schools and government agencies should purge employee and student information upon separation from the job, or graduation from the school.
The legislature needs to quit shoving data collection requirements onto the NDE. It seems to happen every year, and it must be truly exhausting for the NDE staff.
Inter-agency sharing of data, especially when the agencies are not well defined, and super-duper especially when some of the agencies are NGO’s, should be banned.
There is nothing the education system needs to know about you except how well you can read and solve math problems. None of these described data systems are even doing that.
The author is a retired Pediatrician and a co-founder of Nebraska Education Coalition. Forward Nebraska is free to share, and we do appreciate our subscribers very much.
I thoroughly enjoy reading your articles, Sue. Your prodigious knowledge, expertise & passion for children's well-being are truly praiseworthy. Thank you!
Impressive reporting. Again.