Audience Landing Page

This section houses all guidance documents, training materials, policy letters and other resources dedicated to protecting student privacy.  To narrow the list of documents below, use the drop down menus to select the type of resource, the topic and/or the audience and click the ‘apply’ button.  An updated list of resources will then be displayed below.

Best Practices for Data Destruction

The Data Destruction document is a best practices guide on properly destroying sensitive student data after it is no longer needed.  It details the life cycle of data and discusses various legal requirements relating to the destruction of data under FERPA, and examines a variety of methods for properly destroying data.  The guide also discusses best practices for data destruction and provides some real-world examples of how to implement it within your organization.

Guidance and Best Practices
Letters

Joint FERPA Letter with ED HHS regarding Uninterrupted Scholars Act

This letter written to Chief State School Officers and State Child Welfare Directors between the U.S. Department of Health and Human Services and Department of Education describes the Uninterrupted Scholars Act and its impact on data sharing between education and health and human service agencies.

Letters

FPCO Findings Letters 2012

As part of its enforcement activities under FERPA, the Family Policy Compliance Offices issues a variety of letters to include letters that explain why an investigation will not be initiated as well as that detail our findings after conducting an investigation.  While we have identified those letters of more significance and posted them under “Letters of Importance,” we also want to make available the full collection of findings letters we issued in this archive.  The attached archive, in ZIP file format, contains redacted letters from the 2012 calendar year.  

Guidance and Best Practices

Data De-identification: An Overview of Basic Terms

This document is intended to assist educational agencies and institutions with maintaining compliance with privacy and confidentiality requirements under the Family Educational Rights and Privacy Act (FERPA) by reviewing basic terminology used to describe data de-identification as well as related concepts and approaches.

Guidance and Best Practices

Presentation: 25th Annual MIS 2012 - Protection of Personally Identifiable Information Through Disclosure Avoidance Techniques (Feb 2012)

This presentation reviews key disclosure avoidance concepts and provides best practice suggestions for implementing the techniques to ensure proper protection of the privacy and confidentiality of student records under the Family Educational Rights and Privacy Act.