Resources

This section houses all guidance documents, training materials, policy letters and other resources dedicated to protecting student privacy.  To narrow the list of documents below, use the drop down menus to select the type of resource, the topic and/or the audience and click the ‘apply’ button.  An updated list of resources will then be displayed below.

Guidance and Best Practices

Guidance for Reasonable Methods and Written Agreements

This document provides guidance for schools, school districts, postsecondary institutions, and State educational authorities (such as State educational agencies) that may disclose personally identifiable information from education records. The document provides these entities with information about requirements and best practices for data disclosures under the studies exception and the audit or evaluation exception, as specified in the Family Educational Rights and Privacy Act.

Guidance and Best Practices

Responsibilities of Third-Party Service Providers under FERPA

This document was developed by PTAC to assist online educational services providers, vendors, and contractors in understanding the Family Educational Rights and Privacy Act (FERPA). Similar guidance, Protecting Student Privacy While Using Online Educational Services, is intended for school audiences; this guidance presents the same material, but in a format geared toward third-party service providers.

Guidance and Best Practices

Issue Brief: Data Governance and Stewardship

This brief provides guidance on how to successfully manage complex data systems by establishing a comprehensive data governance approach. Data governance principles discussed in this paper apply to a large number of audiences and can be used to improve data management of systems spanning pre-school through postsecondary education and into the workforce.

Letters

Letter to Virginia Attorney General Mark Herring Regarding Public Release of Executive Summary provided to University of Virginia Board of Visitors

Letter to the Commonwealth of Virginia’s Attorney General Mark Herring providing guidance and technical assistance regarding the applicability of FERPA to the potential public release of an executive summary of a report provided to the University of Virginia’s Board of Visitors.

Guidance and Best Practices

Cloud Computing FAQ

This document is designed to assist educational agencies and institutions that are considering using cloud computing solutions for education data. It contains responses to frequently asked questions about meeting necessary data privacy and data security requirements, including compliance with the Family Educational Rights and Privacy Act, to ensure proper protection of education records.

Guidance and Best Practices

Contractor Responsibilities Under FERPA: Single Page

This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.

This version is a single-page .pdf intended for use as a standard FERPA-only acknowledgement.