Family Educational Rights Privacy Act (FERPA)

This section houses all guidance documents, training materials, policy letters and other resources directly related to the Family Educational Rights and Privacy Act.  The FERPA regulations can be found here.

Guidance Videos

Email and Student Privacy

Email is an easy way to communicate with students and parents. Prior to sending an email, it’s important to evaluate the risk associated with sending student information and recognizing if it is personally identifiable information (PII). This video walks you through best practices on how to email student information.

Letters

Response to Technical Assistance Request from Suffolk University

The U.S Department of Education has issued this guidance letter in response to a technical assistance request from Suffolk University.  In their request, representatives from the University sought guidance on the use of the Department’s National Student Loan Data System (NSLDS) for research and evaluation purposes, to study student loan servicing and borrower default and delinquency of Suffolk’s students and graduates.

Letters

Dear Colleague Letter to School Officials at Institutions of Higher Education

Institutions of higher education have a strong interest in ensuring that students have uncompromised access to the support they need, without fear that the information they share will be disclosed inappropriately. Providing on-campus access to medical services, including mental health services, can help promote a safe and healthy campus. The practice of sharing a student’s sensitive medical records with others not involved in their treatment may discourage the use of medical services provided on campus.  The U.S.

Guidance Videos

The A-B-C's of Student Directory Information

FERPA allows schools and districts to designate certain basic student information as directory information, and share that information without consent if certain additional requirements are met. This video describes why a school would want to use designated student directory information and the types of information that fall into this category. It also explains the process that schools and districts must adhere to when designating directory information.

Letters

OCPO response to Louisiana on Enrollment Data and Disclosure Avoidance

Letter to the Louisiana State Superintendent of Education answering questions relating to protecting student privacy in public reporting.  The document addresses the U.S. Department of Education’s practices and recommendations to States on how to protect privacy when publicly reporting enrollment data. 

Guidance and Best Practices

Responsibilities of Third-Party Service Providers under FERPA

This document was developed by PTAC to assist online educational services providers, vendors, and contractors in understanding the Family Educational Rights and Privacy Act (FERPA). Similar guidance, Protecting Student Privacy While Using Online Educational Services, is intended for school audiences; this guidance presents the same material, but in a format geared toward third-party service providers.

Guidance and Best Practices

Guidance for Reasonable Methods and Written Agreements

This document provides guidance for schools, school districts, postsecondary institutions, and State educational authorities (such as State educational agencies) that may disclose personally identifiable information from education records. The document provides these entities with information about requirements and best practices for data disclosures under the studies exception and the audit or evaluation exception, as specified in the Family Educational Rights and Privacy Act.

Letters

Letter to Virginia Attorney General Mark Herring Regarding Public Release of Executive Summary provided to University of Virginia Board of Visitors

Letter to the Commonwealth of Virginia’s Attorney General Mark Herring providing guidance and technical assistance regarding the applicability of FERPA to the potential public release of an executive summary of a report provided to the University of Virginia’s Board of Visitors.

Guidance and Best Practices

Contractor Responsibilities Under FERPA: Single Page

This document is intended for state educational agencies (SEAs) and/or their contracted companies to use to inform the contractors’ staff about their responsibilities to protect students’ personally identifiable information acquired under FERPA’s audit or evaluation exception.

This version is a single-page .pdf intended for use as a standard FERPA-only acknowledgement.