Re: Please bear with me - this is an odd request ...

[Dale Lee <dlee () CALBAPTIST EDU>]

It seems this is the $64,000 question, and I don’t think that we will ever find a definitive answer. (Just like the 
issue of tuition and elasticity of demand, right?)

Even I will hold up stories like theUniversity of Texas MD Anderson Cancer 
Center<https://www.jdsupra.com/legalnews/alj-judge-upholds-ocr-s-4-348-000-data-19206/> for shock value, yet it seems 
to me that it all comes down to Treating Risk.

Anyway, you might check out the Privacy Rights Clearinghouse, which is a great resource which provides breach reports. 
It can be sorted by organization type, including .edu.

https://www.privacyrights.org/data-breaches

The data goes (way!) back to 2005, so you might be able to identify colleagues and reach out to them 
directly/discretely…

Interestingly, the State of Maine .gov site links to the PRC…

https://www.maine.gov/ag/consumer/identity_theft/index.shtml

Data Security Breaches – Information for Consumers
The "Privacy Rights Clearinghouse" has put together some very helpful information titled "How to Deal with a Security 
Breach," which can be found at the following link: http://www.privacyrights.org/fs/fs17b-SecurityBreach.htm.  Maine law 
not only authorizes the placement of a fraud alert, but also permits consumers to "freeze" their credit 
reports.http://www.mainelegislature.org/legis/statutes/10/title10sec1313-C.html


Dale
-
Dale Lee
Director of Information Security and Projects| Information Technology Services
California Baptist University