Dive Brief:
- U.S. Department of Education officials appeared before the House Oversight and Government Reform Committee this week, admitting weaknesses in the storage and protection of personal data relating to millions of student loan borrowers.
- The Washington Post reports Democrats and Republicans alike criticized the department, noting 10 out of 26 recommendations for improvement from a 2014 report were repeats from a prior year, though CIO Danny Harris said many problems take time to address.
- Committee members criticized how rarely Harris meets with Secretary Arne Duncan (about once per month), and Harris’ testimony that the department isn’t directly responsible for security in the many databases controlled by outside contractors.
Dive Insight:
Department of Education Inspector General Kathleen Tighe testified that her office was able to infiltrate department systems without detection and said that, although Harris feels confident in the database security, she sees potential for “significant vulnerabilities.” Harris, during the testimony, seemed to be doing all he could to prevent a panic among the millions of student loan borrowers whose social security numbers and other information is stored in questionably secure locations. While he acknowledged there was “a tremendous amount of work to do,” he said the department is working hard to get it done and stressed that the general public should not think the system is not secure.
The Department of Education’s Office of Federal Student Aid got its own share of criticism this week for inadequate communication with contractors, colleges, and borrowers.