Lesson 4 of 7

The Family Educational Rights and Privacy Act (FERPA) was
enacted in August of 1974 to protect student education records and pertains to
any school, either K-12 or higher education, public, or private, that receives
funds under any program from the U.S. Department of Education.

Most public and private U.S. schools fall under FERPA and IT
staff who work for these institutions must understand FERPA’s
provisions to ensure compliance.

To get a handle on FERPA requirements, here are 10 things
you should know:

    covers private and public schools, colleges, and universities.
  • Regulations
    were set before the information age and as a result must be carefully
  • Directory
    information, which can be shared without the consent of a student, must be
    used carefully.
  • Records
    of a student’s use of a school network require stringent protection.
  • “Do
    not share” requests must be honored.
  • Do
    not use “last four” recording of a student’s social security
  • Appropriate
    access rights must be maintained.
  • Privacy
    rights of students and parents’ need to fulfill financial responsibilities
    could conflict.
  • The
    information age has changed the way you need to comply with FERPA
  • Consult
    a lawyer for advice on compliance issues.

For details, download Ten
things you should know about the Family Educational Rights and Privacy Act

Weekly tips in your inbox

For weekly information on a variety of subjects related to IT compliance, including regulations outlined by Sarbanes-Oxley, HIPAA, and e-mail, sign up for TechRepublic’s free Compliance Issues newsletter.

Automatically sign up today!

What are the steps to compliance?

According to the University of North Texas, there are two basic strategies
institutions should take: Notify current students annually in writing of their
rights under FERPA, and grant access by students or parents, if applicable, to
education records. For details, and the answers to other questions such as what
are and are not considered educational records, see FERPA Training Q&A.

For a comprehensive list of FERPA resources, including free
downloads, see page two.

FERPA resources

White papers


  • DocFinity
    (Optical Image Technology)
  • IBM
    (Rational Software Development Platform)
  • Hewlett-Packard
    (OpenView Compliance Manager)
  • Xerox
    (FERPA Compliance Services)

Course list

Sign up for the Compliance Regulatory Overview series

If you haven’t subscribed to this series, automatically sign
up today
to receive the entire Compliance Regulatory Overview series in your

We want your feedback

Lesson 4 on the Family Educational Rights and Privacy Act (FERPA) was:

 Very helplful
 Somewhat helpful
 Not helpful