By Audience: Education Technology Vendors

The resources on this page are intended for vendors and other third party providers who are developing, or selling educational technology apps or services that utilizes or collect or uses Students’ Personally Identifiable Information. Resources found here are intended to provide technical assistance and best practices for those vendors to ensure they are properly handling FERPA-protected information.

Guidance

Model Terms of Service Guidance Webinar - April 2015

This webinar accompanies the published guidance from the U.S. Department of Education on the student privacy landscape, click-wrap agreements, and proper evaluation of provisions in terms of service agreements.

Guidance

Videos

Protecting Student Privacy While Using Online Educational Services

This Privacy Technical Assistance Center teacher training video is aimed at helping K-12 school officials to better protect student privacy while using online educational services and applications. The video, intended for use during teacher in-service days or professional development meetings, offers a short summary of the issue and provides some examples to help educators identify which online educational services and applications are privacy-friendly and protect student data from improper use and disclosure.

Letters

Letter to Kansas Board of Regents about the applicability of FERPA to redisclosures of PII from students’ education records to contractors.

Best Practices

FERPA Exceptions Summary - Large

The various exceptions to FERPA can be confusing and difficult to track. The FERPA Exceptions Summary is intended to be a handy visual aid to help identify, at a glance, what FERPA exception applies to the data sharing work you are trying to do. Please find the standard version of this resource here: FERPA Exceptions Summary - Standard

Best Practices

FERPA Exceptions Summary - Standard

The various exceptions to FERPA can be confusing and difficult to track. The FERPA Exceptions Summary is intended to be a handy visual aid to help identify, at a glance, what FERPA exception applies to the data sharing work you are trying to do. Please find the large version of this resource here: FERPA Exceptions Summary - Large

Guidance

Recorded Webinars

Protecting Student Privacy While Using Online Educational Services - March 2014

This webinar provides an overview of the guidance document entitled "Protecting Student Privacy While Using Online Educational Services.

Guidance

Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices

This document addresses privacy and security considerations relating to computer software, mobile applications (apps), and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. Examples include online services that students use to access class readings, to view their learning progression, to watch video demonstrations, to comment on class activities, or to complete their homework.

Guidance

Data Breach Response Checklist

This publication provides educational agencies and institutions with a checklist of critical breach response components and steps to assist stakeholder organizations in building a comprehensive data breach response capability. The checklist is meant to be used as a general example illustrating some current industry best practices in data breach response and mitigation applicable to education community.

Letters

Letter to School District re: SES Providers Contacting Parents

Letter to a school district providing assurance that Approved Supplemental Educational Providers are not prohibited by FERPA from contacting parents and guardians of students served in SES programs in previous years.

Letters

Letter to North Dakota Assistant Attorney General Regarding Matching Education and Employment Records - June 2005

Letter regarding the applicability of FERPA to the SEA redisclosing personally identifiable information from students' education records to an outside entity for matching purposes.

Search form

Search form