Data Sharing

Guidance and Best Practices

Responsibilities of Third-Party Service Providers under FERPA

This document was developed by PTAC to assist online educational services providers, vendors, and contractors in understanding the Family Educational Rights and Privacy Act (FERPA). Similar guidance, Protecting Student Privacy While Using Online Educational Services, is intended for school audiences; this guidance presents the same material, but in a format geared toward third-party service providers.

Guidance and Best Practices

Guidance for Reasonable Methods and Written Agreements

This document provides guidance for schools, school districts, postsecondary institutions, and State educational authorities (such as State educational agencies) that may disclose personally identifiable information from education records. The document provides these entities with information about requirements and best practices for data disclosures under the studies exception and the audit or evaluation exception, as specified in the Family Educational Rights and Privacy Act.

Guidance and Best Practices

Contractor Responsibilities Under FERPA: Single Page

This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.

This version is a single-page .pdf intended for use as a standard FERPA-only acknowledgement.

 

Guidance and Best Practices

Contractor Responsibilities Under FERPA: Tri-fold

This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.

This version is a tri-fold brochure for Microsoft Word that leaves space to amend applicable state or local privacy laws.