Guidance

The list of resources below includes all “guidance documents” issued by the Student Privacy Policy Office (SPPO).  As a general matter, guidance documents are statements of general applicability, intended to have future effect on the behavior of regulated parties, that set forth a policy on a statutory, regulatory, or technical issue; or an interpretation of a statute or regulation.  The guidance documents issued by SPPO address requirements of the Family Educational Rights and Privacy Act (FERPA), the Protection of Pupil Rights Amendment (PPRA), and the Armed Forces Recruiter Access to Students and Student Recruiting Information provisions under Section 8528 of the Elementary and Secondary Education Act.  This list of SPPO guidance documents only includes correspondence with individual persons or entities and materials pertaining to SPPO enforcement actions if those documents constitute statements of general applicability intended to have future effect on the behavior of regulated parties.  You will find a full list of all SPPO resources at  https://studentprivacy.ed.gov/resources.

The below list can also be found here in an Excel spreadsheet.

Guidance Documents

Title and Hyperlink Date Issued Summary
Family Educational Rights and Privacy Act: Guidance for School Officials on Student Health Records 4/12/2023 This guidance document provides school officials with general information about the Family Educational Rights and Privacy Act (FERPA), with a particular focus on student health records maintained by educational agencies and institutions and by third parties acting on their behalf.
Know Your Rights: FERPA Protections for Student Health Records 4/12/2023 This one-page document provides a brief overview of parents’ and eligible students’ rights under the Family Educational Rights and Privacy Act (FERPA), with a particular focus on student health records.
An Eligible Student Guide to the Family Educational Rights and Privacy Act (FERPA) 3/8/2023 This guide provides general information on an eligible student’s rights under the Family Educational Rights and Privacy Act or FERPA. When a student reaches 18 years of age or attends an institution of postsecondary education at any age, the student becomes an “eligible student,” and all rights under FERPA transfer from the parent to the student. (En Español)
Responding to Ransomware Attacks 11/9/2022 This video emphasizes ransomware, a type of malicious software that encrypts files and data on a device, rendering the information unretrievable and unusable to the device owner. If your education agency, district, or school is the victim of a ransomware attack, preparation and a prompt response will be key in reducing the impact and duration of the incident.
FERPA/IDEA Crosswalk 8/24/2022 This document is a side-by-side comparison of the legal provisions and definitions in IDEA Part B, IDEA Part C and FERPA. It is intended to help differentiate these statutes and provide a comparison for the shared definitions.
Letter to Postsecondary Institutions about the American Community Survey (ACS) 7/1/2022 Letter to institutions of postsecondary education regarding the applicability of the Family Educational Rights and Privacy Act (FERPA) to the disclosure of certain personally identifiable information from student education records to representatives of the U. S. Census Bureau (Bureau) who are conducting Group Quarters (GQ) or group housing data collection for the American Community Survey (ACS).
A Parent Guide to the Family Educational Rights and Privacy Act (FERPA) 7/9/2021 This guide provides general information on a parent’s rights under the Family Educational Rights and Privacy Act or FERPA, which provides certain rights for parents regarding their children’s education records. (En Español)
A Parent’s Guide for Understanding K-12 School Data Breaches 5/1/2021 This resource aims to provide parents of K-12 students information to help understand what it means when your school has a data breach, as well as provide tools and best practices to help navigate the process of protecting your children’s data in the event of a breach.
May Schools Disclose Information about Cases of COVID-19? 9/24/2020 This blog post addresses four common questions regarding the Family Educational Rights and Privacy Act (FERPA) and the disclosure of information about cases of COVID-19 to the community.
FERPA and the Coronavirus Disease 2019 (COVID-19) 3/30/2020 The purpose of this guidance is to answer questions that school officials may have had concerning the disclosure of personally identifiable information from students’ education records to outside entities when addressing the Coronavirus Disease 2019 (COVID-19).
Colleges and the 2020 Census - Coronavirus Update 3/15/2020 The U.S. Department of Education (ED) worked with Census to share updates on the 2020 Census.
Protection of Pupil Rights Amendment (PPRA) General Guidance 11/25/2020 This document reviews parents’ rights under the PPRA and education officials’ obligations in implementing the PPRA. (En Español)
FERPA Model Notification for Postsecondary Officials 4/22/2020 This document is a template notice for postsecondary institutions to use in informing eligible students about their rights under FERPA.
Annual Notice to SEAs and LEAs and Model Forms 4/22/2020 This is a cover letter for the annual (2020) notices to SEAs and LEAs
FERPA and COVID-19 FAQS 3/20/2020 This document assists school officials working with public health officials in managing public health issues related to COVID-19, while protecting the privacy of students’ education records.
DCL to IHEs on FERPA and Decennial 2020 Census 1/29/2020 Applicability of FERPA to the disclosure by IHEs of PII from student education records to representatives of the U.S. Census Bureau in connection with the 2020 Census.
FERPA 101: For Colleges & Universities 1/23/2020 This online training course is an introduction FERPA, and its requirements relating to the privacy and security of Personally Identifiable Information (PII) in student records.  This course addresses FERPA basics, explores requirements for the protection of student records for Colleges, Universities and other postsecondary institutions, addresses who may and may not access student records, when those records may be shared, and discusses several of the applicable exceptions to the FERPA requirement for consent.
Joint Guidance on the Application of FERPA and HIPAA to Student Health Records 12/15/2019 Joint guidance addressing the application FERPA and HIPAA Privacy Rule to records maintained on students.
Best Practices for Data Destruction 3/1/2019 Best practices guide on properly destroying sensitive student data after it is no longer needed.  It details the life cycle of data and discusses various legal requirements relating to the destruction of data under FERPA, and examines a variety of methods for properly destroying data.  The guide also discusses best practices for data destruction and provides some real-world examples of how to implement it within your organization.
School Resource Officers, School Law Enforcement Units, and the Family Educational Rights and Privacy Act (FERPA) 2/1/2019 Guidance document on applicability of FERPA to law enforcement unit records, school resource officers (SROs), and health or safety emergency issues. 
Improving the Effectiveness and Efficiency of FERPA Enforcement 12/20/2018 Modification of investigatory practices to "more efficiently address and resolve complaints and violations under FERPA."
Technical Assistance on Student Privacy for State and Local Educational Agencies When Administering College Admissions Examinations 5/1/2018 Technical assistance on FERPA, PPRA, IDEA as applied to SEAs and LEAs administering college admissions exams.
Letter to Wachter Regarding Surveillance Video of Multiple Students 12/7/2017 Letter responding to inquiry on applicability of FERPA to video of multiple students, parent copy under State open records law. 
Letter to Liberty University 12/5/2017 Letter to Liberty University regarding whether FERPA would require University to provide individuals allegedly involved in fraud rings (who claim to be students) with opportunity inspect and review investigation reports re: financial aid fraud.
Data Breach Response Training Kit 6/1/2017 Customizable exercise that leads participants through a scenario involving a breach of student information and other personally identifiable information. The exercise focuses on the processes, procedures, and skills needed to respond to a data breach. 
FERPA General Guidance for Parents (En Español) 3/1/2017 General guidance on FERPA for parents (Spanish version).
Model Notice for Directory Information (En Espanol) 3/1/2017 This document is a template notice for notifying parents and eligible students (students over 18 years of age or attending a school beyond the high school level) about the type of information from student’s education records, designated by a School District as “directory information,” that schools may disclose without consent, unless advised to the contrary.  (Spanish version).
PPRA Model General Notice of Rights 3/1/2017 This document is a template notice for school districts notifying parents and eligible students (students over 18 years of age or attending a school beyond the high school level) to inform eligible students about their rights under the Protection of Pupil Rights Amendment (PPRA).
Model Form for Disclosure to Parents of Dependent Students 3/1/2017 This document is a template for postsecondary institutions to use for eligible students to consent to the disclosure of PII from educational records to their parents.
Model Form for Disclosure to Parents of Dependent Students and Consent Form for Disclosure to Parents 3/1/2017 This document is a template for postsecondary institutions to use for eligible students to consent to the disclosure of PII from educational records to their parents.
FERPA Model Notification of Rights for Elementary & Secondary Schools 3/1/2017 This document is a template notice for school districts notifying parents and eligible students (students over 18 years of age or attending a school beyond the high school level) about their rights under FERPA.
PPRA Model Notice & Consent Opt-Out for Specific Activities 3/1/2017 This document is a template notice for school districts to notify parents and obtain consent or allow parents to opt their child out of participating in certain school activities under the Protection of Pupil Rights Amendment (PPRA).
Integrated Data Systems and Student Privacy 1/1/2017 This guidance document provides background information on what an Integrated Data System (IDS) is and why educational authorities may choose to participate in one, and clarifies how such authorities can participate in an IDS while ensuring student privacy in compliance with FERPA.
Guidance on the Use of Financial Aid Information for Program Evaluation and Research 1/1/2017 This document is intended to provide postsecondary educational institutions clarification on the conditions under which federal student financial aid information may be used for program evaluation and research purposes.
Dear Colleague Letter Regarding Military Recruiter Provisions of ESEA 11/1/2016 This letter addresses the amendment to the Elementary and Secondary Education Act (ESEA) military recruiter provisions. 
Response to Assistance Request from University of North Carolina 10/31/2016 This letter is in response to the University of North Carolina's inquiry on whether there are any restrictions that would prevent any of its 16 individual constituent institutions that are part of the University of North Carolina (UNC) from providing to the University of North Carolina General Administration (UNC-GA) information from students' Free Application for Federal Student Aid (FAFSA) that is provided to each institution by the Department in the form of an Institutional Student Information Record (ISIR).
Understanding the Confidentiality Requirements Applicable to IDEA Early Childhood Programs FAQ 10/1/2016 FAQs on FERPA-IDEA Part B-IDEA Part C.  Companion to side-by-side guide.
School Volunteer Brochure 10/1/2016 Brochure that schools can use to notify volunteers of their legal responsibilities to preserve student privacy
Response to Technical Assistance Request from Suffolk University 9/21/2016 This letter provides guidance on the use of the Department’s National Student Loan Data System (NSLDS) for research and evaluation purposes, to study student loan servicing and borrower default and delinquency of students and graduates.
Dear Colleague Letter to School Officials at Institutions of Higher Education 8/24/2016 Letter to institutions of higher education (IHEs) regarding the protection of "treatment records" and education records and disclosures under "school official with a legitimate education interest," particularly school attorneys.
Joint Guidance on Data Matching to Facilitate WIOA Performance Reporting and Evaluation 8/1/2016 Joint Guidance between the U.S. Departments of Education and Labor regarding the applicability of FERPA to data matching under Workforce Innovation and Opportunity Act (WIOA).  
Issue Brief: Data Security Top Threats to Data Protection 6/1/2016 This brief outlines critical threats to educational data and information systems. Threats are divided into two categories: technical and non-technical. A brief description of each threat is followed by a suggestion of appropriate risk mitigation measures.
SPPO response to Louisiana on Enrollment Data and Disclosure Avoidance 4/21/2016 Letter to Louisiana State Superintendent of Education answering questions regarding protecting PII in public reporting.  The letter provides practices and recommendations to States on how to protect privacy when publicly reporting.
Protecting Student Privacy While Using Online Educational Services: Model Terms of Service 3/1/2016 Checklist document that provides a framework for evaluating online educational tools' Terms of Service Agreements.  This document is intended to assist users in understanding how a given online service or app will collect, use and/or transmit user information so that they can then decide whether or not to sign up.
Letter to the State University of New York Chancellor, Dr. Nancy L. Zimpher regarding the disclosure of information among the State University of New York (“SUNY”) campuses for the purpose of reverse transfer. 1/20/2016 Letter to the State University of New York Chancellor regarding the disclosure of information among the State University of New York (SUNY) campuses for the purpose of reverse transfer.
Guidance for Reasonable Methods and Written Agreements 8/1/2015 This document provides guidance for schools, school districts, postsecondary institutions, and State educational authorities (such as State educational agencies) that may disclose personally identifiable information from education records. The document provides these entities with information about requirements and best practices for data disclosures under the studies exception and the audit or evaluation exception, as specified in FERPA.
Issue Brief: Data Governance and Stewardship 8/1/2015 This brief provides guidance on how to successfully manage complex data systems by establishing a comprehensive data governance approach. Data governance principles discussed in this paper apply to a large number of audiences and can be used to improve data management of systems spanning pre-school through postsecondary education and into the workforce.
Case Study #5: Minimizing PII Access 8/1/2015 This case study illustrates best practices for minimizing access to sensitive information with education data maintained in a Statewide Longitudinal Data System.
Responsibilities of Third-Party Service Providers under FERPA 8/1/2015 This document assists online educational services providers, vendors, and contractors in understanding FERPA.
Cyber Advisory - New Type of Cyber Extortion / Threat Attack 8/1/2015 This was a notice to schools of a new cyber threat, where the criminals were seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records.
Letter to Virginia Attorney General Mark Herring Regarding Public Release of Executive Summary provided to University of Virginia Board of Visitors 7/2/2015 This letter is regarding whether UVA Board of Visitors' response to false allegations of sexual assault was personally identifiable.
Data Security Checklist 7/1/2015 This checklist is designed to assist stakeholder organizations with developing and maintaining a successful data security program by listing essential components that should be considered when building such a program, with focus on solutions and procedures relevant for supporting data security operations of educational agencies.
Checklist for Developing School District Privacy Programs 7/1/2015 This document was developed as a companion piece to the video "Developing A Privacy Program for Your School District."  The document provides an overview and rationale for why districts need, and should take the time to create and implement a program to protect personally identifiable information from student records
Written Agreement Checklist 7/1/2015 This document lists mandatory requirements for written agreements under the studies exception and the audit or evaluation exception, as specified in the Family Educational Rights and Privacy Act.
Identity Authentication Best Practices 7/1/2015 This brief offers best practice recommendations for developing and implementing effective authentication processes to help ensure that only appropriate individuals and entities have access to education records. General suggestions provided in the brief are applicable to all modes of data access, be it in person, over the phone, by mail, or electronically.
Cloud Computing FAQ 7/1/2015 This document is designed to assist educational agencies and institutions that are considering using cloud computing solutions for education data. It contains responses to frequently asked questions about meeting necessary data privacy and data security requirements, including compliance with FERPA, to ensure proper protection of education records.
Data Security Threats: Education Systems in the Crosshairs 7/1/2015 This presentation reviews security threats to education data systems, including common ways in which these systems can be exploited. It also offers suggestions on assessing system vulnerabilities and mitigating the risks.
Policies for Users of Student Data Checklist 7/1/2015 This document aims to assist schools and districts in crafting data use policies to ensure appropriate protection of students’ data.  While it is not mandatory to develop a data use policy, the U.S. Department of Education recommends doing so as a best practice.
Contractor Responsibilities Under FERPA: Tri-fold 7/1/2015 This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.  This version is a tri-fold brochure for Microsoft Word that leaves space to amend applicable state or local privacy laws. 
Contractor Responsibilities Under FERPA: Single Page 7/1/2015 This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.  This version is a single-page .pdf intended for use as a standard FERPA-only acknowledgement
Checklist: Mapping Data Flows 7/1/2015 This guidance document is intended to help educational agencies and institutions create visual “maps” of how their data flows in the data systems.  Including maps in data governance plans can help organizations better understand what data are in their systems, where the data reside, what sources they come from, why those data are collected, what limitations or restrictions apply, how they are linked, and what policy questions those data are used to answer.
Case Study # 3: Enforcement 6/1/2015 This document discusses the 2011 changes to regulations regarding data sharing between SEA and a research organization.
Data Security and Management Training: Best Practice Considerations 6/1/2015 This brief provides best practices for data security and data management trainings for educational leaders. The brief discusses key training concepts to follow, content, delivery methods, and possible audiences for these trainings.
Case Study #2: Head Start Program 6/1/2015 This case study illustrates a scenario where a State educational agency enters into an agreement to share education data with a Head Start Program.
Case Study #1: High School Feedback Report 6/1/2015 This case study illustrates a scenario where a State educational agency creates high school feedback reports using the audit or evaluation exception under FERPA.
Best Practice Recommendations for SEA Websites 6/1/2015 This document provides best practice recommendations for SEAs on presenting information about education data governance and sharing on a SEA website. 
Checklist: Data Governance 6/1/2015 This checklist is designed to assist stakeholder organizations with establishing and maintaining a successful data governance program by summarizing the key data privacy and security components of such a program and listing specific best practice action items.
https://www2.ed.gov/policy/gen/guid/fpco/doc/letter-college-legal-services-california.pdf 2/9/2015 Letter to California concerning the U.S. Department of Education Office of Civil Rights’s April 4, 2011, Dear Colleague Letter (DCL) on sexual violence regarding what information may be disclosed in the notice of the outcome of a discriminatory harassment complaint, and whether the language in the DCL is consistent with the requirements of FERPA.  
The Family Educational Rights and Privacy Act Guidance on Sharing Information with Community-Based Organizations 12/1/2014 Guidance on applicability of FERPA to disclosing PII with community based organizations.
Letter to Nevada Department of Education about the applicability of FERPA to providing parents with access to their children’s education records at the State level. 7/28/2014 Letter to the SEA explains parental access to education records maintained by the SEA, including records maintained electronically.  
Transparency Best Practices 7/1/2014 This document provides a number of recommendations for keeping parents and students better informed about schools’ and districts’ collection and use of student data
Uninterrupted Scholars Act Guidance 5/27/2014 This guidance details the changes to FERPA made under the Uninterrupted Scholars Act. It explains how and under which circumstances PII from Education Records can be disclosed to caseworkers or other representatives state, local or tribal child welfare agencies.
Letter to Pennsylvania Department of Education Regarding Charter School 4/4/2014 This letter clarifies that an SEA has the discretion to designate other individuals or entities as its authorized representative to carry out an audit or evaluation of education programs in the State.
Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices 2/1/2014 This document addresses privacy and security considerations relating to computer software, mobile applications (apps), and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. 
Letter to University of Massachusetts Regarding Disclosures to SLDS 11/22/2013 Letter of guidance as to how an educational institution can meet its obligations under FERPA when it discloses education records to a State longitudinal data system (SLDS) when the institution provides online distance learning to students residing in another state and state law requires the institution to send PII from education records to the SLDS.
Frequently Asked Questions - Disclosure Avoidance 3/1/2013 FAQs to provide general guidance to SEAs and LEAs and institutions regarding best practice strategies for protecting PII in aggregate reports.  
Data De-identification: An Overview of Basic Terms 10/1/2012 This document is intended to assist educational agencies and institutions with maintaining compliance with privacy and confidentiality requirements under FERPA by reviewing basic terminology used to describe data de-identification as well as related concepts and approaches.
FERPA 201: Data Sharing under FERPA 9/8/2012 This online training course covers the basics of data sharing under FERPA, with a focus on the FERPA exceptions under which data may be shared and covering expectations regarding security and privacy of education data.
FERPA 101: For Local Education Agencies 9/8/2012 This online training course is an introduction to the Family Educational Rights and Privacy Act (FERPA), and its requirements relating to the privacy and security of Personally Identifiable Information (PII) in student records.  This course addresses FERPA basics, explores requirements for the protection of student records for Local Education Agencies (LEAs), addresses who may and may not access student records, when those records may be shared, and discusses several of the applicable exceptions to the FERPA requirement for consent.
Letter to Higher Education Board Regarding Personnel Records  7/27/2012 Letter is to the Rhode Island Board of Governors for Higher Education regarding whether a conflict exists between the Rhode Island Access to Public Records Act and FERPA.
Data Breach Response Checklist 6/1/2012 This publication provides educational agencies and institutions with a checklist of critical breach response components and steps to assist stakeholder organizations in building a comprehensive data breach response capability. The checklist is meant to be used as a general example illustrating some current industry best practices in data breach response and mitigation applicable to education community
Presentation: 25th Annual MIS 2012 - Protection of Personally Identifiable Information Through Disclosure Avoidance Techniques (Feb 2012) 2/1/2012 This presentation reviews key disclosure avoidance concepts and provides best practice suggestions for implementing the techniques to ensure proper protection of the privacy and confidentiality of student records under the Family Educational Rights and Privacy Act.
Addressing Emergencies on Campus 6/1/2011 Guidance on FERPA and the Higher Education Act (HEA) as they relate to emergencies on campus.
Responding to IT Security Audits: Improving Data Security Practices 4/1/2011 This issue brief explains what Information audits are and how they can identify critical gaps in data security and reduce the threat of security compromises.
Model Notice for Directory Information 3/1/2011 This document is a template notice for notifying parents and eligible students (students over 18 years of age or attending a school beyond the high school level) about the type of information from student’s education records, designated by a School District as “directory information,” that schools may disclose without consent, unless advised to the contrary.
FERPA General Guidance for Students (En Español) 2/1/2011 General guidance on FERPA for eligible students (Spanish version).
Tech Brief #3: Statistical Methods for Protecting Personally Identifiable Information in Aggregate Reporting 12/1/2010 This Statewide Longitudinal Data Systems (SLDS) Technical Brief examines what protecting student privacy means in a reporting context. 
Technical Brief #1: Basic Concepts and Definitions for Privacy and Confidentiality in Student Education Records 11/1/2010 This Technical Brief discusses basic concepts and definitions that establish a common set of terms related to the protection of personally identifiable information, especially in education records in the Statewide Longitudinal Data Systems (SLDS). This Brief also outlines a privacy framework that is tied to Fair Information Practice Principles that have been promulgated in both the United States and international privacy work.
Data Stewardship: Managing Personally Identifiable Information in Student Education Records 11/1/2010 This Statewide Longitudinal Data Systems (SLDS) Technical Brief focuses on data stewardship, which involves each organization’s commitment to ensuring that privacy, confidentiality, security, and the appropriate use of data are respected when personally identifiable information is collected. Data stewardship involves all aspects of data collection, from planning, collection and maintenance to use and dissemination.
FERPA and the Disclosure of Student Information Related to Emergencies and Disasters 6/1/2010 Guidance to answer questions regarding the disclosure of PII to outside parties when responding to emergencies and disasters.
FERPA and the H1N1 Virus 10/1/2009 Guidance on FERPA as it relates to disclosure of PII to health departments regarding H1N1 flu outbreak. 
Letter to Phi Kappa Phi Regarding Disclosure of Directory Information 8/28/2008 Letter explaining that a college or university may disclose the top 10% of students to Phi Kappa Phi if the school has properly designated honors or awards received as a directory information item and those students have not opted out of the disclosure of directory information.
Letter to Connecticut State Archivist Regarding Education Records 5/21/2008 Letter regarding the applicability of FERPA to education records on deceased students and would consider it a reasonable policy for schools to release the records of students who would be at least 100 years old as of the date of the release to the State archives for public use.
Letter to Texas Education Agency Regarding FERPA and IDEA Enforcement 3/7/2008 Letter regarding the treatment of complaints filed by parents both under FERPA with this office and with their SEA under IDEA.
Letter to New Jersey Department of Education Regarding Student Database  1/11/2008 Letter clarifying that a party qualifies as a contractor of an SEA under FERPA not because of a contract or agreement per se, but by virtue of a contract or agreement to perform services that the SEA would otherwise provide for itself and where the disclosure of PII would be lawful under FERPA if employees were performing the service.
Letter re: Applicability of FERPA to Virginia Sex Offender Registry Law Requiring Disclosure of Applicant Information by Postsecondary Institutions 8/16/2007 Letter to attorney regarding the applicability of FERPA to disclosures of information on applicants (not students) to Virginia State Police under VA sex offender reporting statute.
Letter to School District re: SES Providers Contacting Parents 8/10/2007 Letter to school district providing assurance that Supplemental Educational Service (SES) providers are not prohbited by FERPA from contacting parents of students served in program during previously years.
Letter to Illinois State Board of Education Regarding State Law Reporting Requirements  8/7/2007 Letter regarding the applicability of FERPA to State law that require school districts to report students who have been expelled or withdrawn from school to the Secretary of State for the purposes of obtaining a driver's license.
Letter to Iowa School District Regarding Schools Closed Prior to FERPA  1/31/2007 Letter regarding the applicability of FERPA to student education records in schools that were closed before FERPA's enactment.
Letter to Husk   12/29/2006 Letter summarizing the findings in response to a parent's complaint under FERPA against a school district regarding the parent’s right to inspect and review their child's education records. 
Letter to Minnesota Department of Children, Families, and Learning Regarding Child Abuse Prevention and Treatment Act (CAPTA)  11/21/2006 Letter regarding the applicability of FERPA to Minnesota's alleged child abuse reporting and investigation laws pursuant to the Federal Child Abuse Prevention and Treatment Act (CAPTA). 
Letter to Texas AG: Disclosure of Education Records 7/25/2006 Letter regarding school districts disclosing PII to Office of Attorneys General for assistance with open records requests.
Letter to South Dakota Department of Labor Regarding Studies Exception  5/11/2006 Letter regarding the applicability of FERPA to disclosures from a SEA to a non-education state agency for research purposes.
Letter to Los Angeles Unified School District Regarding National Student Clearinghouse  1/27/2006 Letter regarding the applicability of FERPA to disclosures from a school to the National Student Clearinghouse.
Letter to St. Thomas Aquinas College Regarding Plagiarism Prevention Service 1/6/2006 Letter explaining that there is no exception to FERPA's general consent requirement that permits an educational institution to disclose PII to a plagiarism detection service.
Letter to Special Education Provider Regarding Accrediting Organizations     1/3/2006 Letter addressing the applicability of FERPA to the disclosure of special education records to an accrediting organization by an entity that provides special education programs for students referred by local school districts. 
Letter to Iowa Department of Education re: Disclosure of Education Records to Medicaid Agency for Reimbursement Purposes 10/12/2005 Letter to Iowa Department of Education regarding whether Medicaid claim documentation maintained by schools districts are education records. 
Letter to Carroll Independent School District (TX) re: Destruction of Student Test Data 9/13/2005 Letter regarding the destruction of education records.
Letter to University of North Dakota re: Disclosure of Education Records to FAA Without Student Consent 8/15/2005 Letter to University of North Dakota regarding disclosure of PII to the Federal Aviation Association (FAA).  Letter explains that a student cannot be required by the University to waive the right to consent. 
Letter to Native American Rights Fund Regarding FERPA  4/11/2005 Letter explaining that Tribal Education Departments (TEDs) are not considered a State or local education authority and that an educational agency or institution may not disclose personally identifiable information from student education records to TEDs without the prior written consent of the students' parents.
Letter to Vermont Department of Health Regarding FERPA  3/15/2005 Letter explaining that, while a school may disclose PII from education records under the health or safety emergency exception if it has determined, on a case-by-case basis, that a specific situation presents imminent danger or threat to students or other members of the community, FERPA does not permit the routine disclosure of immunization records to State health departments, without parental consent.
Letter re: status of education records and transcripts from public due process hearings 12/23/2004 Letter to attorney representing school districts in New York regarding due process hearing under Part B.  Records from due process hearing that are maintined by school district subject to FERPA are "education records" and cannot be disclosed without consent.
Letter to New York Regarding Common Law Waiver to Privacy of Records   12/23/2004 Letter explaining that there is no basis in FERPA and IDEA for concluding that education records may be disclosed by a school district without prior written consent because a parent previously permitted them to be submitted into evidence in an open public hearing.
Letter to University of Illinois re: Use of Student ID Numbers Under FERPA 11/26/2004 Letter to University of Illinois regarding the applicability of FERPA to assigned ID numbers.  
Letter to University of Wisconsin-River Falls re: Student Account Identifiers 11/5/2004 Letter to University of Wisconsin-River Falls regarding FERPA applicability to a student's "account ID number."
Letter to University of North Alabama re: Disability Office Records 11/2/2004 Letter to University of North Alabama regarding FERPA applicability to records maintained by disability office.
Letter to Miami University re: Disclosure of Information Making Student's Identity Easily Traceable 10/19/2004 Letter to Miami University (Ohio) regarding an inquiry about media requests for student disciplinary information.  Where disclosure of PII does not fall within an exception to prior consent, University is in best position to initially determine what information must be removed to ensure student's ID is not easily traceable.
Letter to AACRAO re: SEVIS and Disclosures to DHS/ICE 8/27/2004 Letter to the American Association of Collegiate Registrars
and Admissions Officers (AACRAO) regarding the applicability of FERPA to disclosure to Immigrations and Nationalization Services (INS) (now Immigration and Customs Enforcement) under the Student and Exchange Visitor Information System (SEVIS) program.
Letter to Parent re: Disclosure of Education Records to Stepparents 8/20/2004 Letter to parent regarding access to education records by stepparent.
Letter to Parent Regarding Amendment of Special Education Records Under FERPA  8/13/2004 Letter to a parent explaining that a hearing under the IDEA provisions governing a due process hearing is separate from the provisions in FERPA and explaining that the IDEA provides a parent with an opportunity to seek to challenge the contents of education records.
Letter to Parent re: Amendment of Special Education Records 8/13/2004 Letter to parent regarding the applicability of FERPA amendment provisions to seeking amendment of special education records.
Letter to Northern Lebanon School District re: Disclosure of Education Records on Postcards 6/28/2004 Letter that mailing a postcard that includes information on a student is not successfully completing his or her class requirements is an unauthorized disclosure under FERPA.  
Letter to the National Association of Independent Colleges and Universities re: Degree Verification Services 4/16/2004 Letter to National Association of Independent Colleges regarding the applicability of FERPA to the use of the National Student Clearinghouse Degree Verify Program.
Letter to Pennsylvania Department of Education re: Disclosure of Education Records to CDC Grantees 2/25/2004 Letter to Pennsylvania SEA explaining that FERPA does not permit disclosure of PII to the Centers for Disease Control and Prevention(CDC) without consent. 
Letter to California Department of Education re: Disclosure of Education Records to CDC Grantees 2/18/2004 Letter regarding the disclosure to Centers for Disease Control and Prevention (CDC) for surveillance of children with autism and other developmental disability.  
Letter to Eligible Student Appealing Determination Not to Investigate FERPA Complaint     1/20/2004 Letter addressing the FERPA complaint process and explaining that a student does not have a right under the Administrative Procedure Act to appeal a decision by the Office regarding its decision not to investigate a FERPA complaint.
Letter to Mamas Attorney Classroom Observation December 2003 12/8/2003 Letter addressing the applicability of FERPA to individuals observing classrooms.
Letter of Technical Assistance to School District 10/31/2003 Letter to attorney regarding whether FERPA permits the district to disclose PII from one student's education records to parents of another student.  
Dear Colleague Letter Regarding Disclosing Information to FSA without Consent 9/25/2003 Letter to institutions of higher education regarding the refusal to provide PII to Federal Student Aid (FSA) under FERPA's financial student aid exception.  
Joint Letter from Deputy Secretary Hansen and Under Secretary Chu (DoD) re: Military Recruiters 7/2/2003 Joint letter to Chief State School Officers (CSSOs) from U.S. Department of Education and U. S. Department of Defense regarding LEAs not complying with military recruiter provisions of the Elementary and Secondary Education Act (ESEA).
Letter Regarding Redisclosure of the Final Results of Student Disciplinary Proceedings 3/10/2003 Letter in response to request that U.S. Department of Education should change its regulations so as to permit the victim of an alleged perpetrator of a crime of violence to redisclose the final results of a disciplinary proceeding conducted by a postsecondary educational institution with respect to that alleged crime.
Letter to Connecticut SEA Regarding Settlement Agreement 11/4/2002 Letter explaining that the SEA may act as an agent for all school districts in the State that are required to report information to the court in accordance with the terms of a settlement agreement and make the disclosures on their behalf if certain conditions are met.
Letter to Parent Regarding Applicability of FERPA to Private Schools    10/30/2002 Letter explaining that FERPA applies to educational agencies and institutions that receive federal funds from programs administered by the U.S. Department of Education and that FERPA does not apply to private schools at the elementary and secondary levels because they do not generally receive such funds.
Joint Letter From Secretary Paige and Secretary Rumsfeld re: access for and disclosures to Military Recruiters 10/9/2002 Cover letter to original joint U.S. Department of Education and U.S. Department of Defense regarding military recruiters. 
Access to High School Students and Information on Students by Military Recruiters 10/9/2002 Original Q&As on military recruiter provisions in Elementary and Secondary Education Act.
Letter to Kennesaw State University, Georgia re: State Open Records Request 9/27/2002 Letter to Kennesaw State University (GA) regarding whether certain disciplinary records can be disclosed pursuant to State open records law.  
Letter to Washington State Assistant Attorney General Regarding Student Parking Tickets 7/31/2002 Letter to the Assistant Attorney General of Washington, for Washington State University, explaining that a parking ticket issued to a student is an "education record" under FERPA unless the ticket was issued and maintained by the University's law enforcement unit as a "law enforcement unit record."
Letter to Georgetown University Regarding Applicability of FERPA to Student Information  7/31/2002 Letter to university explaining that records, including motor vehicle information, on students regarding violations of local housing or other regulations maintained by school officials outside the university's law enforcement unit are protected as "education records" under FERPA.
Letter to Baum Rgarding Directory Information 7/29/2002 Letter regarding the applicability of FERPA when local laws require disclosures of personal information from students education records maintained at an educational agency.
Legislative History of Major FERPA Provisions 6/1/2002 This document explains some of the major legislative changes made to FERPA over its 40 year history.  It was last updated in June of 2002.
Letter to University of Massachusetts Relating to Teaching Assistants 2/25/2002 Letter to University of Massachusett's regarding applicability of FERPA to disclosures to graduate assistant union.  
Letter to The University of Mississippi on National Collegiate Athletic Association (NCAA) Records 2/12/2002 Letter to Ole Miss regarding whether certain redacted records are "education records."
Letter to Hunter College re: posting grades by last four digits of social security number 5/29/2001 Letter to Hunter College regarding the posting of grades by last 4 digits of SSN.
Letter of technical assistance to University of California re: ED's Office of the Ombudsman 11/2/2000 Letter to University of California regarding whether FERPA permits disclosure of borrower information may be disclosed to the U.S. Department of Education's Ombudsman under FERPA's financial student aid exception.
Technical assistance to Wyoming Community College Commission re: Disclosures to the WCCC and by the WCCC 8/23/1999 Letter to Wyoming Community College Commission (WCCC) regarding applicability of FERPA to disclosure to WCCC Management Information System.
Technical Assistance letter to Utah Office of the Attorney General re: disclosure to auditor 2/12/1999 Letter to Utah regarding whether State auditor may have access to postsecondary PII for purposes relating to UI workforce program.  Letter explained it must be an "education" program that is being audited.
Technical Assistance letter to University of Washington re: disclosure to Canadian Government 12/30/1998 Letter to University of Washington regarding whether FERPA pemits disclosure of PII to Canadian tax office. University may disclose properly designated directory information but not Canadian SSN.
Letter of technical assistance to the National Collegiate Athletic Association 10/22/1998 Letter to the National Collegiate Athletic Association (NCAA) regarding implied consent, disclosure to parents and attorneys, and public disclosure of PII to correct accusation by student.
Letter to New York Regarding Test Protocols and FERPA    8/7/1998 Letter explaining that completed tests instruments or question booklets that do not identify a particular student may not be an "education record" to which parents have the right to inspect and review but the school must respond to a reasonable request for explanation or interpretation of the student's answer sheet, which could include reviewing the question booklet with the parent.
Letter to School District in Arizona Regarding Records Related to National Honor Society  8/4/1998 Letter regarding whether parents have the right under FERPA to inspect and review teacher recommendations, evaluations, or other documents concerning a student's consideration for membership in the National Honor Society or National Junior Honor Society.
Letter from LeRoy S. Rooker, Director-Family Policy Compliance Office re: applicability of the Family Educational Rights and Privacy Act (FERPA) to the reporting requirements of the Hope Scholarship Credit and the Lifetime Learning Credit 11/25/1997 Letter regardng FERPA and reporting requirements of Hope Scholarship program.
Sharing Information:  A Guide to FERPA and Participation in Juvenile Justice Programs 6/1/1997 This guide is for educators, law enforcement personnel, juvenile justice professionals, and community leaders.  Educators and other youth-serving professionals will find clear directions here on how to share information while complying with FERPA
Letter to Richter Medical Interns and Residents  06/22/1995 This 1995 letter to Richter outlines the applicability of the Family Educational Rights and Privacy Act to the records of medical residents. 
Letter to Clemson University Regarding Disclosure of a Student's Religious Preference    3/23/1995 Letter to Clemson University regarding the applicability of FERPA to the disclosure of a student's religious preference to officially-recognized campus ministries. 
Letter to Missouri Department of Elementary and Secondary Education Regarding Disclosures to Medicaid     11/17/1994 Letter addressing whether FERPA would permit the disclosure of PII from students' education records in connection with seeking reimbursement from Medicaid for medical services provided by a school.
Letter to Parent Regarding Directory Information 4/27/1994 Letter explaining that the nonconsensual release of a list of honor roll students by a general category of grade point average does not violate FERPA provided the school has designated honors or awards as directory information items and has met the conditions set forth in FERPA.
Letter to the American Library Association Regarding Student Theses 9/1/1993 Letter regarding the applicability of FERPA to undergraduate and graduate student theses that are made publicly available in university libraries for research purposes. 
Letter of technical assistance to the National Student Clearinghouse 4/19/1993 Letter providing guidance regarding the disclosure of personally Identifiable information (PII) to the National Student Loan Marketing Association) . 
Letter to New York Regarding Medical Residents and Interns 1/24/1992 Letter to New York on whether medical residents and interns are "students" for the purposes FERPA.
Letter to Minnesota SEA Regarding FERPA Hearings on Amendment of Records 6/21/1983 Letter to Minnesota State Educational Agency (SEA) explaining that the Family Educational Rights and Privacy Act (FERPA) requires that a hearing for amendment of education records be held at the local level, not at the State level.
Frequently Asked Question (FAQs)   Online bank of FAQs regarding FERPA, PPRA, and Military Recruiters