2 hours 19 minutes
welcome back to student data privacy fundamentals. In this lesson, we will discuss FERPA and student online data.
We will talk about what FERPA stands for and what it regulates, what p I I stands for and what qualifies as P II. The difference between directory information and P II, and in what situations data could be disclosed without parental consent.
FERPA or the Family Educational Rights and Privacy Act was originally enacted by lawmakers in 1974.
Phurba is a federal law which protects the privacy of student education records. Any school district that receives federal education funding is required by law to comply with FERPA.
Simply put for by restricts how P II or personally identifiable information from education records may be released without parental consent.
Directory information like a student's name, photo date of birth and attendance can be disclosed without parental consent if they have previously notified parents of the directory information policy.
This is often done in school yearbooks and athletic programs.
Other student P I referred to as education records like discipline records, grades and health information, cannot be released at will by school organizations and has to be strongly protected by those entities.
Quiz Time. What does P I I stand for?
If you said personally identifiable information, you're correct.
Generally, schools must have written permission from a parent or student over the age of 18. In order to release any information from a students education record, However, FERPA allows schools to disclose those records without consent to the following parties or under the following conditions.
School officials with legitimate educational interest. For example, a regular education teacher being given information about a student Special education needs to better help that student be successful.
Other schools to which a student is transferring.
For example, the former school will need to supply a student's grades to a new school in order for the new school to enter transfer grades and create a transcript for that student.
Specified officials for audit or evaluation. Purpose is one example of this would be a financial auditor needing information about student free or reduced lunch status in order to successfully audit the finances of the school lunch program.
Appropriate parties in connection with financial aid to a student
free or reduced lunch status might again be used to apply a sliding scale of technology device user fees for students attending a school with a 1 to 1 device program, for example,
organisations conducting certain studies four or on behalf of the school.
This may occur if the school district participates in a demographic study where they may release student demographic data like grade gender free or reduced lunch status. Special education status. English as a second language status, etcetera toe 1/3 party for analysis of district demographics
accrediting organizations. One accrediting organization, for example, would be a state education department that requires test scores to be reported in order to calculate funding for every district in the state
to comply with a judicial order or lawfully issued subpoena.
In the case of a lawsuit regarding harassment of a student, legal parties may need to access student data, including student discipline records, emails, etcetera,
appropriate officials in cases of health and safety emergencies.
In the case of a life threatening emergency,
schools are allowed to release student medical information or other P I I that is necessary for medical care,
state and local authorities within a juvenile justice system pursuant to specific state law.
One example of this would be a school releasing student discipline records relating to a crime that occurred on or off of school property.
How about another review question for by describes directory information as information that is not considered to be harmful or an invasion of privacy? If disclosed,
what type of information from the list is considered? Directory information and allowed by FERPA to be released to third parties without parental consent,
A student's name, date and even place of birth address, phone number, attendance dates and even photographs are directory information under FERPA.
Other education records, like a student's grades, Social Security or Student I. D. Number and health records, are protected under FERPA and cannot be openly shared without parental consent or legal action.
In today's video, we discussed that for bus stands for family education, Knoll Rights and Privacy Act
that FERPA regulates, what types of data educational entities can release with and without parental consent.
That P I. I stands for personally identifiable information and includes full name student grades, Social Security number or I D. Number, etcetera.
That directory information like date of birth address and attendance records can be shared without prior permission from parents
and the specific examples of when a school can release student P II without parental consent.
In the next lesson, we will dive into the federal regulation of Copa and its implications for student data privacy.
See you soon.
Information Systems Security Engineering Professional (ISSEP)
Build upon your CISSP certification by getting the specialized credential of the Information Systems Security ...
6 CEU/CPE Hours Available
Certificate of Completion Offered
MS-500: Microsoft 365 Security Administration
Are you a system administrator who wants to get a certification that is globally recognized ...
7 CEU/CPE Hours Available
Certificate of Completion Offered