ECEP Responds to TAPP Breach

For release June 3, 2014

The TAPP registry website has been compromised and is unavailable at this time. More information concerning the breach can be found on the Arkansas State University website.

Arkansas State University has also provided a link, found at the bottom of their home page, labeled TAPP Registry Identity Theft which lists frequently asked questions and answers.

As far as ECEP trainings are concerned, please continue to register and teach courses as usual. It is very important to use the Course Submission form. ECEP will assign a temporary course ID.

Also found on the ECEP website will be a NEW sign-in sheet to accommodate the changes necessary for dealing with this issue. If a participant has never had a TAPP number more information will be required, such as their address, and county they live in so you can enter all attendance once the online system is up and running. ECEP still needs all paperwork in a timely manner when your course is complete. Keep a copy of ALL documents regarding your course, just as you have done in the past.

At this time, class rosters are not available from TAPP for dispersing pre-tests, post-tests and evaluations through email; it is recommended that pre-tests, post-tests and evaluations be completed in class. Pre-tests must be done at the beginning of class the first day, post-tests and evaluations must be completed the last day of class. It is understood that this may cut into part of your class time but these tests and evaluations are necessary to insure future funding of this project.

ECEP feels confident about the security of the ECEP Master Database. It is maintained on a system separate from the University of Arkansas Fayetteville system. The server on which it resides does not have open access to outside users; only ECEP staff (less than 10 people) has access to it. ECEP does not maintain any social security numbers in this database. In addition, the electronic files maintained in conjunction with the master database are on the same server and all backups are maintained off line.

While the files ECEP maintains are handled in a very secure environment, additional precautions are being taken to further insure security. In the next few days all course files will be password protected and only individuals with the proper password will have access to those files. Distribution of the password will be limited to senior staff, training advisors and the database manager.