By Audience: Researchers

The resources on this page are intended for researchers, or any other party conducting research using FERPA-protected information. Resources here focus on proper disclosure avoidance techniques and proper methods for de-identification and suppression of Students’ Personally Identifiable Information from education records.

Guidance

SPPO response to Louisiana on Enrollment Data and Disclosure Avoidance

Letter to the Louisiana State Superintendent of Education answering questions relating to protecting student privacy in public reporting.  The document addresses the U.S. Department of Education’s practices and recommendations to States on how to protect privacy when publicly reporting enrollment data. 

Guidance

Frequently Asked Questions - Disclosure Avoidance

This document is intended to provide general guidance to State and local educational agencies and institutions about the best practice strategies for protecting personally identifiable information from education records in aggregate reports. The paper provides suggestions on how to ensure that necessary confidentiality requirements are met, including compliance with the Family Educational Rights and Privacy Act (FERPA). The information is presented in the form of responses to frequently asked questions (FAQs), followed by a list of additional resources at the end.

Guidance

Data De-identification: An Overview of Basic Terms

This document is intended to assist educational agencies and institutions with maintaining compliance with privacy and confidentiality requirements under the Family Educational Rights and Privacy Act (FERPA) by reviewing basic terminology used to describe data de-identification as well as related concepts and approaches.

Guidance

Data Breach Response Checklist

This publication provides educational agencies and institutions with a checklist of critical breach response components and steps to assist stakeholder organizations in building a comprehensive data breach response capability. The checklist is meant to be used as a general example illustrating some current industry best practices in data breach response and mitigation applicable to education community.