How does the Family Educational Rights and Privacy Act affect cloud data, and when can IT leaders be held liable? Here’s what districts should know about these laws in today’s education landscape.
The main federal statute guiding student data privacy is FERPA, which stands for the Family Educational Rights and Privacy Act. “It requires that schools protect the privacy of education records and give parents access to them,” says LeRoy Rooker, senior fellow at the American Association of Collegiate Registrars and Admissions Officers.
FERPA protects student privacy by “defining what information schools can collect, maintain, and disclose with and without a student’s or their parents’ or guardians’ consent,” says Charlie Sander, CEO of ManagedMethods, a cloud security and safety platform built specifically for K–12 district technology teams.
“We’ve seen students gain access to their peers’ information and use that to bully them. We’ve seen criminals use parents’ information to try to extort ransom payments from the district. And we’ve seen them sell student information to identity thieves on the dark web. These incidents have real consequences to the long-term health and well-being of our students.”
– Charlie Sander, CEO, ManagedMethods