Florida PYs 2020-2023 Published Approved

Located in:
  • III. Operational Planning Elements

    The Unified or Combined State Plan must include an Operational Planning Elements section that supports the State’s strategy and the system-wide vision described in Section II(c) above.  Unless otherwise noted, all Operational Planning Elements apply to Combined State Plan partner programs included in the plan as well as to core programs.  This section must include—

    • b. State Operating Systems and Policies

      The Unified or Combined State Plan must include a description of the State operating systems and policies that will support the implementation of the State strategy described in section II Strategic Elements.  This includes—

III. b. 6. D. Privacy Safeguards

Describe the privacy safeguards incorporated in the State’s workforce development system, including safeguards required by section 444 of the General Education Provisions Act (20 U.S.C. 1232g) and other applicable Federal laws.

Current Narrative:

Privacy Safeguards

 

Core partners agree to follow all applicable federal, state and local laws pertaining to confidential information. Each partner ensures the collection and use of information containing personally identifiable information is limited to purposes that support its programs and activities.

Florida is aware that a key element of success to utilizing data across agencies for either improved customer service or improved measurement and tracking of outcomes is ensuring the integrity of all data and ensuring confidential data is treated as such. This is accomplished with various technical safeguards and ensuring personnel handling this data are properly trained in all relevant regulations and the fundamentals of handling personal and confidential data. Technical safeguards may include:

  • Approved processes that limit access to the data to only those personnel who require access to carry out their daily job functions;
  • Network security, monitoring, firewalls, etc. to prevent unauthorized access to data from entities outside of State government;
  • Encryption technology; and
  • Secure data transport mechanisms.

Data Sharing Agreements are used when confidential information is shared with another entity. All partners that will provide and share data in collaboration efforts will enter into a memorandum of understanding (MOU) and/or a data-sharing agreement to ensure security of sensitive information. All partners expressly agree to abide by all applicable federal, state, and local laws regarding confidential information and to adhere to the same standards of confidentiality as state employees.

Florida's Title II Adult Education and Family Literacy Act (AEFLA) programs ensure strict adherence to the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. 1232g), its implementing regulations (34 Code of Federal Regulations [CFR] part 99) to protect the privacy of students’ education records and afford eligible students certain rights to inspect and review education records, to seek to amend these records, and to consent to the disclosure of personal identifiable information (PII) from education records. All funded adult programs must submit signed assurances concerning privacy safeguards and periodic review of such safeguards are part of the Department's compliance monitoring system.

In addition to the safeguards listed, Florida Division of Blind Services (DBS) ensures strict adherence to the FDOE Acceptable Use Policy document, and all employees must sign a Data Use Agreement that specifically states all confidential information shall be used solely for the purpose of conducting the work of the Florida Division of Blind Services.  Access to confidential client data is strictly limited to DBS employees based on their job function and ‘need-to-know’ basis in order to perform the functional duties of their position.  All employees, contractors and agents must complete mandatory security awareness training conducted annually by FDOE.   The required security awareness training advises employees, contractors, and agents of the civil and criminal sanctions for non-compliance to applicable Federal and state laws.   Florida DBS follows the policy and procedures detailed in the FDOE Computer Security Incident Response policy document that provides the steps required to respond to suspected computer security incidents by identifying and controlling the incidents, notifying designated Computer Security Incident Response Team (CSIRT) responders, and reporting findings to agency management.

Florida is a signatory state for the State Wage Interchange System (SWIS), and the Florida Department of Education (DOE) is an Access PACIA. To limit the parties involved and further bolster customer privacy, Florida Division of Vocational Rehabilitation conducts matching of both Unemployment Insurance (UI) records and educational records through Florida DOE for the purposes of WIOA.