Data Governance
- Log in to post comments
As part of its enforcement activities under FERPA, the Student Privacy Policy Office issues a variety of letters to include letters that explain why an investigation will not be initiated as well as that detail our findings after conducting an investigation. While we have identified those letters of more significance and posted them under “Letters of Importance,” we also want to make available the full collection of findings letters we issued in this archive. The attached archive, in ZIP file format, contains redacted letters from the 2012 calendar year.
Letter clarifying that the term "early intervention record" under Part C of IDEA is equivalent to the term "education record" in FERPA for the purposes of the HIPAA Privacy Rule which exempts "education records" from its coverage.
This webinar covers guidance and best practice relating to the topic of disclosure avoidance.
This document is intended to assist educational agencies and institutions with maintaining compliance with privacy and confidentiality requirements under the Family Educational Rights and Privacy Act (FERPA) by reviewing basic terminology used to describe data de-identification as well as related concepts and approaches.
This document is intended to provide general guidance to State and local educational agencies and institutions about the best practice strategies for protecting personally identifiable information from education records in aggregate reports. The paper provides suggestions on how to ensure that necessary confidentiality requirements are met, including compliance with the Family Educational Rights and Privacy Act (FERPA). The information is presented in the form of responses to frequently asked questions (FAQs), followed by a list of additional resources at the end.
Letter to the Rhode Island Board of Governors for Higher Education regarding whether a conflict exists between the Rhode Island Access to Public Records Act and FERPA.
This publication provides educational agencies and institutions with a checklist of critical breach response components and steps to assist stakeholder organizations in building a comprehensive data breach response capability. The checklist is meant to be used as a general example illustrating some current industry best practices in data breach response and mitigation applicable to education community.
This webinar discusses how the Family Education Rights and Privacy Act (FERPA) interacts with IDEA Part B Confidentiality provisions.
This presentation reviews key disclosure avoidance concepts and provides best practice suggestions for implementing the techniques to ensure proper protection of the privacy and confidentiality of student records under the Family Educational Rights and Privacy Act.
This webinar provides basic information on FERPA as it applies to Postsecondary Institutions.