This bill mandates that school districts, charter schools, and area education agencies in Iowa implement specific email security standards to protect student information. By January 1, 2027, these entities must adopt an email security solution that includes features such as inbound and outbound filtering for spam and malware, artificial intelligence-driven threat detection, impersonation protection, data loss prevention, policy-based encryption for sensitive emails, and comprehensive logging and reporting capabilities. The bill also establishes that any school district or agency that fails to meet these requirements will be considered noncompliant.

Additionally, the bill specifies that the costs associated with complying with these mandates will be covered by state school foundation aid, ensuring that no additional state funding is necessary for implementation. This provision is designed to meet the state funding-related requirements outlined in existing law, reinforcing the obligation of school districts and area education agencies to adhere to the new email security standards.

Statutes affected:
Introduced: 256E.7, 279.89