This is the first in a series of monthly articles planned by new OSD Records Management Supervisor David LaGarde. David can be reached at Ext. 8570 or email@example.com. Welcome David!
MISSed Information Tip
What is FERPA?
Family Educational Rights to Privacy Act
FERPA is a Federal law that is administered by the Family Policy Compliance Office (Office) in the U.S. Department of Education (Department). 20 U.S.C. § 1232g; 34 CFR Part 99.
FERPA applies to all educational agencies and institutions (e.g., schools) that receive funding under any program administered by the U.S. Department of Education.
Parochial and private schools at the elementary and secondary levels generally do not receive such funding and are, therefore, not subject to FERPA. Private postsecondary schools, however, generally do receive such funding and are subject to FERPA. Additionally, general information that a school official obtains through personal knowledge or observation, or heard orally from others, is not protected under FERPA. Olympia School District receives federal funding, and all grades and schools in our district are subject to FERPA.
FERPA is intended to protect a student’s right to privacy with regard to personally identifiable information (Pii) contained within educational records. Such records may not be released without the student or parent/legal guardian consent when a student is under the age of 18 years of age. Such records include but are not limited to grades, transcripts, class lists, student schedules, health records, and student discipline records.
School employees usually have the best intentions when it comes to protecting student information. There are occasions when violations occur and it was done without the knowledge that the employee did anything wrong. Restricted information such as grades, GPA, or personally identifiable information (Pii) such as Social Security numbers should never be sent through email. Take care not to forward or reply to emails which are sent to you containing sensitive data without removing such data prior to transmission. Here is one such example:
Example: Group email from teachers to multiple students
The Blind Carbon Copy (BCC) feature is a frequently misunderstood and often misused function of an email system.
BCC sends a single email to a group without the recipient email addresses being visible. It is easy to forget to use the BCC field or to misuse this technology which can quickly lead to a teacher or school employee inadvertently sharing protected information among multiple students.
For example, there could be a case in which a teacher sends an email to students who are in danger of failing the class. For ease of distribution, the teacher creates one email and sends it to a list of students who are failing. Without realizing, the teacher has disclosed the list of failing students to everyone on the list by using Carbon Copy (CC). If the teacher used the BCC feature, the students would never know who else received the email. This is a simple error, but would be a violation under FERPA.
Note: If staff have questions about FERPA Personally Identifiable Information in regards to student records, please contact Chief Information Officer Marc Elliott at Ext. 6172 or firstname.lastname@example.org.