Section 24-704 - Governing Board.
§ 24-704. Governing Board.
(a) Established.- There is a Governing Board of the Center.
(b) Members.- The Governing Board shall include the following members:
(1) The Secretary of Higher Education, or the Secretary's designee;
(2) The Chancellor of the University System of Maryland, or the Chancellor's designee;
(3) The President of Morgan State University, or the President's designee;
(4) The State Superintendent of Schools, or the Superintendent's designee;
(5) The Secretary of Labor, Licensing, and Regulation, or the Secretary's designee;
(6) A representative of local superintendents of schools, appointed by the Governor with the advice and consent of the Senate;
(7) The Executive Director of the Maryland Association of Community Colleges, or the Executive Director's designee; and
(8) Four members of the public, appointed by the Governor with the advice and consent of the Senate.
(c) Public member.- One of the public members of the Governing Board shall have expertise in large data systems and data security.
(d) Chair.- The Governor shall appoint a chair of the Governing Board from among its members.
(e) Term.- A member appointed by the Governor:
(1) Serves at the pleasure of the Governor;
(2) Serves for a term of 3 years and until a successor is appointed and qualifies; and
(3) May be reappointed but may not serve more than two consecutive terms.
(f) Compensation and reimbursement for expenses.- A member of the Governing Board:
(1) May not receive compensation as a member of the Governing Board; but
(2) Is entitled to reimbursement for expenses under the Standard State Travel Regulations, as provided in the State budget.
(g) Responsibilities.- The Governing Board shall:
(1) Establish the organizational placement and location of the Center after seeking and evaluating proposals from interested entities based on criteria that shall include:
(i) The ability of the entity to support the operation of a large data system;
(ii) Strength of funding support; and
(iii) Expertise in data security;
(2) Develop an implementation plan to phase in the establishment and operation of the Maryland Longitudinal Data System and the Center;
(3) Provide general oversight and direction to the Center;
(4) Approve the annual budget for the Center;
(5) Establish the policy and research agenda of the Center;
(6) Before the incorporation of any individual data in the Maryland Longitudinal Data System:
(i) Create an inventory of the individual student data:
1. Proposed to be maintained in the system; and
2. Required to be reported by State and federal education mandates;
(ii) Develop and implement policies to comply with the federal Family Educational Rights and Privacy Act and any other privacy measures, as required by law or the Governing Board; and
(iii) Develop a detailed data security and safeguarding plan that includes:
1. Authorized access and authentication for authorized access;
2. Privacy compliance standards;
3. Privacy and security audits;
4. Breach notification and procedures; and
5. Data retention and disposition policies;
(7) Oversee routine and ongoing compliance with the federal Family Educational Rights and Privacy Act and other relevant privacy laws and policies;
(8) Ensure that any contracts that govern databases that are outsourced to private vendors include express provisions that safeguard privacy and security and include penalties for noncompliance;
(9) Designate a standard and compliance timeline for electronic transcripts that includes the use of SASID to ensure the uniform and efficient transfer of student data between local education agencies and institutions of higher education; and
(10) Review research requirements and set policies for the approval of data requests from State and local agencies, the Maryland General Assembly, and the public.
[2010, ch. 190.]