Understanding FERPA: The Family Educational Rights and Privacy Act


Welcome to Iowa State University’s FERPA training: Understanding FERPA. Through this training, you will learn:
What is the Family Educational Rights and Privacy Act? What information is
protected under FERPA. And, how to avoid FERPA violations. Let’s get started! So, just what is FERPA? Passed by Congress in 1974, FERPA stands for the Family Educational Rights and Privacy Act. FERPA protects education records of students who are or who have been in attendance
at post-secondary institutions. FERPA grants four primary rights to college or
university students. They have the right to: inspect and review their records,
seek amendment to an incorrect record, limit disclosure of personally
identifiable information or directory information, file a complaint with the
Department of Education concerning an alleged failure by the institution to
comply with FERPA. At Iowa State, FERPA begins when a
student registers or enrolls in their first class. As a faculty or staff member
or student employee at Iowa State University, you have a legal
responsibility under FERPA to protect the confidentiality of student
educational records in your possession. Your job places you in a position of
trust and you are an integral part of ensuring that student information is
handled properly. Need to know is the basic principle. Peeking at a student’s
record is not okay. When in doubt, contact the Office of the
Registrar at [email protected] Education or academic records are
defined as records that are directly related to a student and maintained by
the university, include any records in any medium that are in the possession of
any university official information that is part of a confidential student
education record include: class list, advising folder or file, personal
information such as name, ID, photo, enrollment records, student exams, or
papers, grades, class schedules, disciplinary files, financial aid
information, and student employment records. Education records do not include records
in the sole possession of the maker that are not accessible to other personnel,
such as personal notes made by an advisor to remember a student, law
enforcement records created and maintained by law enforcement or campus security for law enforcement purposes, employment records unless the students
enrollment is a prerequisite of their employment, medical or psychological
treatment records, or alumni records (those created after the student
graduated or has left the institution). Directory information, information
contained in an education record of a student, which would not generally be
considered harmful or an invasion of privacy if disclosed. Directory
information can never include social security number, student identification
number, race, ethnicity, nationality, or gender. Directory information, as defined by Iowa
State, includes: name and in session address, telephone number, campus email address, college curriculum, year in school, enrollment status. Please note, other
institutions may identify directory information differently. Other information that’s considered public and can be released on request
include: mailing address, date, and place of birth, hometown, dates of attendance at Iowa State, expected date of graduation, name of advisor, awards and academic
honors, Iowa State degrees and dates awarded, previous educational
institutions attended, degrees received, dates of attendance, full or part-time
status participation in officially recognized activities, and sports weight
and height of athletic team members, but keep in mind that just because you can
release the information doesn’t mean you should. When in doubt, contact the Office
of the Registrar In addition, students may choose to keep
some or all of their information confidential. Students may make this
request through AccessPlus. Always check for “No Information Release” or other
restrictions before releasing information about a student. Students also have the option of
granting third party access to some of their information in AccessPlus, but be
aware that third party access does not grant access to all education record
information. Under special circumstances, in emergencies, or a death, information
covered under FERPA may be released; however, it’s good practice to check with
the Registrar’s Office first. Depending on the circumstances, non-directory
information may be released if it’s needed to protect the health or safety
of the student or other individuals in a crisis or emergency situation. If a
student dies, the privacy rights of an individual expire upon death. Education
records held for a deceased student is not a FERPA issue, but a matter of
institutional policy. Iowa State will exercise discretion in deciding whether,
and under what conditions, information should be disclosed to survivors or
third parties. The following two slides go over some common FERPA violations and are good reminders of what not to do. Don’t use social security numbers or
university ID numbers of students in a public posting of grades. Don’t leave graded tests in a stack for students to pick up by sorting through
the papers of all students. Don’t circulate a printed class list with
student name and ID numbers or grades as an attendance roster. Don’t provide
anyone with lists of students enrolled in a class for commercial purpose. Don’t
discuss the progress of any student with anyone other than the student (including
parents) without the consent of the student, unless there is legitimate
academic need to know by another employee of Iowa State University. Don’t
provide anyone with student schedules or assist anyone other than university
employees in finding a student on campus. Don’t submit a student’s paper to an
anti-plagiarism service without first removing the student’s name, ID number, or any other personally identifiable information. Don’t send an Excel workbook with multiple tabs or worksheets that include student information. Remember, all sheets or tabs can be viewed. Instead, copy and paste the information that doesn’t identify a student into a new workbook. Don’t share confidential
information (such as grades) through email. Find a safer way to share information
when possible with students other than email. Use Blackboard Learn, AccessPlus, Cybox, etc. When in doubt, contact the Office of
the Registrar. Now, it’s time to test your FERPA
knowledge. In order to complete and receive credit for this FERPA training,
please continue on at your convenience to a brief, approximately 10 to 15 minute
quiz. Please note: Following completion of the FERPA quiz, you will need to
complete an employee confidentiality agreement. In the software, the
confidentiality agreement is referred to as survey. Go to Learn.iastate.edu to complete your FERPA training.

Leave a Reply

Your email address will not be published. Required fields are marked *