By Audience: Postsecondary School Officials

The resources on this page are intended for staff and educators of Postsecondary Institutions.  Resources found here typically address FERPA’s requirements and how they apply to the various day-to-day operations of postsecondary institutions that may be different than the K-12 setting.  Guidance is also provided for the particular challenges encountered at the postsecondary level as it relates to the handling and protection of students’ Personally Identifiable Information.

Guidance

Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices

This document addresses privacy and security considerations relating to computer software, mobile applications (apps), and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. Examples include online services that students use to access class readings, to view their learning progression, to watch video demonstrations, to comment on class activities, or to complete their homework.

Letters

SPPO Findings Letters 2012

As part of its enforcement activities under FERPA, the Student Privacy Policy Office issues a variety of letters to include letters that explain why an investigation will not be initiated as well as that detail our findings after conducting an investigation.  While we have identified those letters of more significance and posted them under “Letters of Importance,” we also want to make available the full collection of findings letters we issued in this archive.  The attached archive, in ZIP file format, contains redacted letters from the 2012 calendar year.  

Guidance

Frequently Asked Questions - Disclosure Avoidance

This document is intended to provide general guidance to State and local educational agencies and institutions about the best practice strategies for protecting personally identifiable information from education records in aggregate reports. The paper provides suggestions on how to ensure that necessary confidentiality requirements are met, including compliance with the Family Educational Rights and Privacy Act (FERPA). The information is presented in the form of responses to frequently asked questions (FAQs), followed by a list of additional resources at the end.

Guidance

Data De-identification: An Overview of Basic Terms

This document is intended to assist educational agencies and institutions with maintaining compliance with privacy and confidentiality requirements under the Family Educational Rights and Privacy Act (FERPA) by reviewing basic terminology used to describe data de-identification as well as related concepts and approaches.