Audience Landing Page

This section houses all guidance documents, training materials, policy letters and other resources dedicated to protecting student privacy.  To narrow the list of documents below, use the drop down menus to select the type of resource, the topic and/or the audience and click the ‘apply’ button.  An updated list of resources will then be displayed below.

Guidance and Best Practices

Cloud Computing FAQ

This document is designed to assist educational agencies and institutions that are considering using cloud computing solutions for education data. It contains responses to frequently asked questions about meeting necessary data privacy and data security requirements, including compliance with the Family Educational Rights and Privacy Act, to ensure proper protection of education records.

Letters

Letter to Senator Ron Wyden providing clarification on the applicability of the Family Educational Rights and Privacy Act (FERPA) to college and university students’ medical records.

Letter to Senator Ron Wyden providing clarification on the applicability of the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) to college and university students’ medical records, including therapy and treatment records, held by educational institutions.

Letters

Letter to Representative Suzanne Bonamici providing clarification on the applicability of the Family Educational Rights and Privacy Act (FERPA)to college and university students’ medical records

Letter to Representative Suzanne Bonamici providing clarification on the applicability of the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) to college and university students’ medical records, including therapy and treatment records, held by educational institutions. 

Guidance and Best Practices

Checklist: Data Governance

This checklist is designed to assist stakeholder organizations with establishing and maintaining a successful data governance program by summarizing the key data privacy and security components of such a program and listing specific best practice action items.