Lesson 4 of 7
The Family Educational Rights and Privacy Act (FERPA) was
enacted in August of 1974 to protect student education records and pertains to
any school, either K-12 or higher education, public, or private, that receives
funds under any program from the U.S. Department of Education.
Most public and private U.S. schools fall under FERPA and IT
staff who work for these institutions must understand FERPA’s
provisions to ensure compliance.
To get a handle on FERPA requirements, here are 10 things
you should know:
- FERPA
covers private and public schools, colleges, and universities. - Regulations
were set before the information age and as a result must be carefully
interpreted. - Directory
information, which can be shared without the consent of a student, must be
used carefully. - Records
of a student’s use of a school network require stringent protection. - “Do
not share” requests must be honored. - Do
not use “last four” recording of a student’s social security
number. - Appropriate
access rights must be maintained. - Privacy
rights of students and parents’ need to fulfill financial responsibilities
could conflict. - The
information age has changed the way you need to comply with FERPA
regulations. - Consult
a lawyer for advice on compliance issues.
For details, download Ten
things you should know about the Family Educational Rights and Privacy Act
(FERPA).
What are the steps to compliance?
According to the University of North Texas, there are two basic strategies
institutions should take: Notify current students annually in writing of their
rights under FERPA, and grant access by students or parents, if applicable, to
education records. For details, and the answers to other questions such as what
are and are not considered educational records, see FERPA Training Q&A.
For a comprehensive list of FERPA resources, including free
downloads, see page two.
FERPA resources
- Family
Educational Rights and Privacy Act (FERPA)
Get information from the U.S. Department of Education on the Family
Educational Rights and Privacy Act, which protects the privacy of student
education records. - Download: Ten
things you should know about the Family Educational Rights and Privacy Act
(FERPA)
IT professionals who work for U.S. educational institutions, public or
private, should know and understand the ten FERPA considerations outlined
in this document. - FERPA Training (Q&A)
This page from the University of North Texas contains answers to questions
such as “What are and what aren’t education records?” and “What
are parental rights under FERPA?” - The impact
of FERPA
Questions from readers of the Center for Health and Health Care in
Schools’ e-journal address the impact of FERPA and HIPAA on privacy
protections for health information at school. - Critical
Issue: Addressing Confidentiality Concerns in School-Linked Integrated
Service Efforts
This resource page from the North Central
Regional Educational Laboratory addresses how to handle the various
ethical and legal issues relating to confidentiality that often arise when
school staff and human service providers share information on clients. - FERPA
and Electronic Signatures
In this article, Daren Bakst, President and
General Counsel, Council on Law in Higher Education, analyzes FERPA
regulations and addresses frequently asked questions and misconceptions
regarding the use of electronic signatures as it relates to FERPA. - ECURE 2002: Goldsmith
Presentation Slides
C.W. Goldsmith, Ph.D. offersslides
that explore the interaction between FERPA and HIPAA. - Learning About the
Family Education Rights and Privacy Act (FERPA)
This article on the Wrightslaw Web site defines
what is meant by an “education record.” - FERPA
Tutorial
The tutorial from Clark College is intended to insure that anyone
accessing student records understands the obligations under FERPA for
proper use and protection of student records. - Adding
FERPA Restrictions Procedure
This is an uncontrolled document to be used for
training or reference purposes only.
White papers
- Understanding
the Family Educational Rights and Privacy Act
This white paper from the University of Nebraska-Lincoln offers an
analysis of FERPA compliance and implementation. - Information
Security: a Perspective for Higher Education
This white paper by NEC Unified Solutions discusses privacy regulations
related to higher education.
Vendors
- DocFinity
(Optical Image Technology) - IBM
(Rational Software Development Platform) - Hewlett-Packard
(OpenView Compliance Manager) - Xerox
(FERPA Compliance Services)
Course list
- Lesson
1: Sarbanes-Oxley - Lesson
2: HIPAA - Lesson
3: Gramm-Leach-Bliley - Lesson
4: FERPA - Lesson
5: U.S. Patriot Act - Lesson
6: European legislation - Lesson
7: What’s next?
Sign up for the Compliance Regulatory Overview series
If you haven’t subscribed to this series, automatically sign
up today to receive the entire Compliance Regulatory Overview series in your
inbox.
We want your feedback
Lesson 4 on the Family Educational Rights and Privacy Act (FERPA) was: