FERPA and Campus Safety: June 19, 2009 NACUANOTES by Steve McDonald and Nancy Tribbensee Volume 7, No. 8
University of North Carolina Safety Task Force Report: November 2007 Report from the UNC Campus Safety Task Force. There is an excellent discussion of FERPA, HIPAA and local law in Appendix A to the Working Group Appendices titled Sharing Information Concerning University Students when there is a Perceived Risk of Danger to Self or Others, Summary of Applicable Law.
FPCO/Dept of Education: Guidance on FERPA and Health or Safety Emergencies : This web page includes brochures and other resources on release of education records in emergency situations. The brochure for postsecondary includes clarification of when disclosure may be made to parents.
Protecting Student Privacy While Using Online Educational Services: Requirements and Best Practices**
issued by Privacy Technical Assistance Center Feb. 2014
Mobile Internet Device Security Guidelines: Published by the Higher Education Information Security Council (HEISC) Technologies, Operations, and Practices (TOP) working group. This is a living document and input is welcome. Includes sample college and university guidelines.
Privacy and the Handling of Student Information in the Electronic Networked Environments of Colleges and Universities (from the Educause Library 1997) (editor's note: Don't let the date fool you into not reading this, it is a classic)
FPCO Letters and other Guidance
Nov. 22, 2013 FPCO Guidance Letter to U. Mass clarifying written agreement needed when disclosing education records to state longitudinal data system. See page 3 of letter for what should be in place prior to disclosure.
FPCO Letter May 8, 2013 to University of Massachusetts, Dartmouth
Question was can UMass disclose to news media education record information on a student charged in the Boston Marathon bombing. Answer was records protected by FERPA.
FPCO Letters from 2002-2007
This page includes FPCO technical assistance letters from 2002-2007 that are relevant to IHEs.
Family Policy Compliance Office Guidance letter dated Oct. 7, 2005 to Tazewell County on electronic student database systems and FERPA. This letter has implications for many "standard" student record systems and how they are configured in terms of access.
Indiana University Information Policy Office: Use of Cloud Computing, August 26, 2009 Position Paper
If It's in the Cloud, Get it On Paper: Cloud Computing Contract Issues By Thomas J. Trappler, Educause Quarterly
Outsourcing and Cloud Computing for Higher Education: By Tracy Mitrano, Updated January 11, 2010. Includes a section on Legal and Policy Contractual Considerations, as well as a chart at Appendix B by Steve McDonald on Legal and Quasi Legal Issues.
CLOUD CONTRACTING: OUTSOURCING E-MAIL@YOURUNIVERSITY.EDU, NACUANOTES, Dec. 16, 2009
This NACUANOTE covers some of the key legal issues involved in contracting with a commercial entity providing outsourced campus e-mail.
Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing: Feb. 23, 2009 World Privacy Forum report which discusses the issue of cloud computing and outlines implications for the privacy of personal, business and governmental information. See also What is Cloud Computing?
Subpoenas and Other Compulsory Legal Requests
Guidelines to Responding to Compulsory Legal Requests for Information: By Steven McDonald and Andrea Nixon
Includes information on responding to subpoenas, search warrants, court orders, National Security Letters, and Public Records Requests.
|Belmont University's FERPA tutorial is a prize-winning online tutorial. We are grateful to Jason B. Rogers, Vice President and University Counsel and to Belmont University for sharing this material.|
|U.MD. FERPA tutorial|
updated mlo 3-9-13