(a) There is established within the Office of the Governor a territorial longitudinal data system (“TLDS” or “the System”) known as the Virgin Islands Virtual Information System (“VIVIS”). The Virgin Islands Virtual Information System contains demographic data, such as: age, race, ethnicity, gender, marital status, income, education and employment, on persons being served by the Virgin Islands Departments of Education, Labor, Health, Finance, Human Services, and Justice; the University of the Virgin Islands and non-governmental entities that are mandated by this section to provide data. The Government shall use the data obtained through VIVIS to assist with evaluating the services provided by agencies and entities to improve the services offered and to assist teachers, administrators, policy makers, legislators, and others as a data-informed research resource.
(b) An Executive Director shall administer the VIVIS, who is appointed by the Governor of the Virgin Islands based exclusively on merit as determined by technical training, educational background; skill and professional experience; knowledge in education, health, or finance; other pertinent data systems; or any other relevant qualifications.
(c) The Executive Director shall facilitate the development of policies and procedures for VIVIS, create operational plans and systems to protect the confidentiality of data received from lower-level data governance management, and provide tactical level implementation of the policies from higher level data governance management, when applicable. The Executive Director may hire the personnel necessary to assist the Executive Director in meeting the Executive Director’s responsibilities of administering the VIVIS.
(d) The Executive Director shall develop and maintain VIVIS so that it can be used to improve the quality of life, education, health, and employment opportunities for the residents of the Virgin Islands. The Executive Director shall allow stakeholders and policymakers access to non-personally identifiable information data maintained in VIVIS of individuals who are serviced by agencies and entities that contribute data to VIVIS, to enable stakeholders and policymakers to facilitate accountability and investment decisions.
(e) The System must contain data to assist with the development of policies to support the following objectives:(1) Enabling Virgin Islands residents to secure and to retain employment and to receive better pay after completing training or postsecondary degrees;(2) Enabling Virgin Islands residents through training and education to meet the education and job skill demands of businesses;(3) Developing an early warning system that identifies at risk students, thereby, allowing for early government intervention and improving high school and college graduation rates;(4) Identifying teaching methods and programs that lead to positive student outcomes;(5) Encouraging the sharing of electronic data with educational institutions researchers and other entities; and(6) Developing intervention measures to modify public health complications and outcomes by identifying groups at higher risk of having poorer outcomes and examining relationships between risk factors and outcomes.
(1) Enabling Virgin Islands residents to secure and to retain employment and to receive better pay after completing training or postsecondary degrees;
(2) Enabling Virgin Islands residents through training and education to meet the education and job skill demands of businesses;
(3) Developing an early warning system that identifies at risk students, thereby, allowing for early government intervention and improving high school and college graduation rates;
(4) Identifying teaching methods and programs that lead to positive student outcomes;
(5) Encouraging the sharing of electronic data with educational institutions researchers and other entities; and
(6) Developing intervention measures to modify public health complications and outcomes by identifying groups at higher risk of having poorer outcomes and examining relationships between risk factors and outcomes.
(f) The Executive Director shall coordinate the sharing of data, ensure the confidentiality of records and ensure that an agency or entity’s data are used consistent with the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and other applicable federal and local laws, rules, regulations, policies, and procedures by ensuring the establishment of a unique identifier record code that will be assigned to the birth record. The establishment of a record code must be consistent with the following:(1) No information may be disclosed regarding how a record is generated and assigned a record code or that allows a recipient to identify the person based on a record code;(2) A record code may not be used for any purpose other than to identify a specific record and may not be used to ascertain personally identifiable information about the person; and(3) The record code may not be based upon a person’s social security number or any other personal information.
(1) No information may be disclosed regarding how a record is generated and assigned a record code or that allows a recipient to identify the person based on a record code;
(2) A record code may not be used for any purpose other than to identify a specific record and may not be used to ascertain personally identifiable information about the person; and
(3) The record code may not be based upon a person’s social security number or any other personal information.
(g) Commissioners of the Virgin Islands Departments of Education, Labor, Health, Finance, Human Services, and the Attorney General of the Virgin Islands, the President of the University of the Virgin Islands and non-governmental entities participating in VIVIS shall appoint personnel, referred to as stewards, who are responsible for providing data from within their organization to the Executive Director. The identified stewards must then implement strategically developed plans. As may be needed by the Executive Director, stewards shall assist the Executive Director by providing input regarding best practices of the VIVIS.
(h) Under the guidelines adopted by the Executive Director, agencies and entities must provide data regarding birth records, early childhood, kindergarten through twelfth grade, postsecondary, workforce, and health to VIVIS, including, birth weight, age, school discipline, school attendance, assessments, enrollment, and employment status.
(i) Agencies and entities participating in VIVIS shall work collaboratively to secure funding through the United States Department of Education and other federal agencies, grants, user fees, and contributions from the agencies and entities themselves, in order to establish and to enhance the necessary technology infrastructure workforce for the purpose of developing the TLDS.
(j) The Office of the Governor shall ensure the regulations, operating procedures and policies regarding the management and operation of VIVIS are promulgated in accordance with applicable local and federal laws. To the extent permissible under a grant, the Executive Director may award as subgrants any grants or other funding obtained by the VIVIS to agencies and the departments that are participants in the VIVIS.
(k) The Executive Director may charge a reasonable fee for access to the information maintained in VIVIS and other associated services provided.
(l) An educational agency or institution may release student-level data, such as the student’s name, address, and age, for the purposes of educational evaluation, audits, and research, by attaching a code to each record, if the following conditions are met:(1) No information may be disclosed regarding how a record is generated and assigned a record code or that allows a recipient to identify the person based on a record code;(2) A record code may not be used for any purpose other than to identify a specific record and may not be used to ascertain personally identifiable information about the person; and(3) The record code may not be based upon the person’s social security number or any other personal information.
(1) No information may be disclosed regarding how a record is generated and assigned a record code or that allows a recipient to identify the person based on a record code;
(2) A record code may not be used for any purpose other than to identify a specific record and may not be used to ascertain personally identifiable information about the person; and
(3) The record code may not be based upon the person’s social security number or any other personal information.
(m) The Executive Director shall ensure that VIVIS is maintained such that it coordinates the matching and de-identification of student-level data in order to protect the confidentiality and privacy of the individual person.
(n) The use of personally identifiable records that are matched must be limited to satisfying, or contributing to the evaluation, research and reporting requirements related to outcome measures that must be specified in advance and approved by the Executive Director. Once matched, personal identifiers, such as identification numbers assigned by contributing agencies and entities and social security numbers, must be removed to ensure the confidentially of all records. Data must be de-identified as specified in subsection (l). Once de-identified, the confidentiality of the record code must be strictly adhered to.
(o) The Executive Director and staff, and the staff at the participating agencies and entities involved in receiving, handling, transmitting, and processing data, shall execute a confidentiality agreement, agreeing to maintain the confidentiality of all data that contain personally identifiable information.
(p) The Executive Director shall maintain the confidentiality of all data shared through VIVIS. To ensure the continued confidentiality and security of the data processed, stored, or transmitted, the Executive Director shall establish protocol that at a minimum:(1) ensures that all data are kept in secured facilities and access to such data is limited to personnel who are authorized to have access to the data, by agreement or under this section;(2) requires the use of secured passwords to access computer databases used to process, store, or transmit data;(3) ensures good practices for assigning passwords that maintain the integrity of the systems used to secure the computer databases used to process, store, or transmit data;(4) prevents the interception, diversion, or other unauthorized access to confidential data that are being processed, stored, or transmitted;(5) ensures the compliance with FERPA, HIPPA, and other federal and Virgin Islands laws relating to the privacy rights of records, insofar as such laws are applicable to the agencies and entities; and(6) provides contingencies to ensure that unauthorized access to personally identifiable information is reported appropriately.
(1) ensures that all data are kept in secured facilities and access to such data is limited to personnel who are authorized to have access to the data, by agreement or under this section;
(2) requires the use of secured passwords to access computer databases used to process, store, or transmit data;
(3) ensures good practices for assigning passwords that maintain the integrity of the systems used to secure the computer databases used to process, store, or transmit data;
(4) prevents the interception, diversion, or other unauthorized access to confidential data that are being processed, stored, or transmitted;
(5) ensures the compliance with FERPA, HIPPA, and other federal and Virgin Islands laws relating to the privacy rights of records, insofar as such laws are applicable to the agencies and entities; and
(6) provides contingencies to ensure that unauthorized access to personally identifiable information is reported appropriately.