What Is The Family Educational Rights and Privacy Act?

The Family Educational Rights and Privacy Act of 1974 (FERPA) was established in 1974 (as the Family Educational Rights and Privacy Act 20 U.S.C. 1232g) to better define the rights of access to and the privacy of a student’s educational records. The act determines the information that educational institutions can give out to third parties, gives a student’s parents some rights to this information, and defines ways the student himself can approve or prevent the use of such information.

The details of FERPA are important when considering the intersection of private individual information and accessibility. FERPA gives parents rights to review and potentially contest historical educational information about their children, along with certain controls over whom is allowed to see this information. These laws attempt to balance the need for available information with the need of citizen privacy within the United States.

Any educational institution that receives federal funding must comply with FERPA rules. The act defines a student as anyone who is enrolled in and attends an educational body or the offerings thereof, with specific inclusions for attendance to cover nontraditional methods like online coursework.

The act also gives permissions to the student’s parents (legal parents, including foster and adoptive) to access the student’s educational records and information. While a student is under 18, the parents are the direct parties of FERPA. After the student turns 18, she is the eligible party, although parents who count the student as a dependent on their income taxes are still within FERPA’s reach.

FERPA establishes the rights of the parent and the student to:

• Access the student’s educational records;
• Request amendments to the educational records; and
• Limit and control, to an extent, the information that can be disclosed by the educational institution to third parties.

The first two points allow parents, or eligible students, to examine the educational institution’s records and to suggest amendments to parts of the record they feel are inaccurate. If the school does not choose to modify the record, the parent or student is permitted a hearing with school officials. If the record remains unchanged, the parent or student may include a formal statement that becomes part of the record stating their personal case.

The third point becomes more complicated, especially based on amendments made to FERPA in the Patriot Act and other amending laws. FERPA allows protection of some types of information under some circumstances; the legality of release depends on the conditions and the situation.

• Educational entities have the right to release what is called directory information about students to anybody at any time. Directory information is defined as information from a student’s record that is likely to be available elsewhere and is not generally considered as either harmful or an invasion of privacy. This sort of information includes a student’s full name, address, date of birth, telephone number and dates of attendance. The key is that parents and/or eligible students must be notified of what is considered directory information in advance and must be given an opportunity and a reasonable amount of time to request the educational institution not disclose this information to third parties.
• FERPA allows an educational institution to release a student’s educational record to a few entities without requiring explicit consent. These include schools a student is transferring to; officials with a legitimate educational interest, in health or safety emergency situations; for auditing purposes; certain organizations related to the school; and requests related to judicial order, subpoena or legal authorities.
• Once any information has been disclosed by the educational institution to a third party, there remains a responsibility to ensure that the third party does not then violate FERPA expectations by further releasing said information. This responsibility lies both with the third party and the educational entity that has passed on the information. 

FERPA can come into play at any point a parent or eligible student makes a request for their relevant educational files. This is especially important if the information access then leads to a request for amendment. A parent (or student) can make a request of amendment on educational records in cases where the information recorded is inaccurate or misleading.

Keep in mind that the purpose of FERPA is to keep schools to a generally accepted standard when recording educational information. FERPA cannot be used to challenge an official grade, an educational individual’s opinion or a decision an institution makes about a student.

FERPA is also considered when a third party requests access to student information. The school is expected to withhold information from a student’s educational records without explicit written consent from the parent or the eligible student. Exceptions exist, and information that is considered directory information can be shared unless a parent (or student) has explicitly filed a measure requesting it not be shared. Likewise, information can be shared without explicit consent in a small collection or exceptions, mainly when an official body requests the information from the educational facility.

FERPA rights are generally enforced by the United States Department of Education. Educational entities that violate FERPA can potentially lose their government funding. Employees of these institutions who violate the FERPA laws can be dismissed or terminated.

Violations of these rights can be filed with the Family Policy Compliance Officer, an employee of the U.S. Department of Education. All complaints submitted in a timely fashion will be investigated by the administration or the officer. If violations are confirmed, both the educational institution and the student will be informed, and the investigation is closed only when voluntary compliance is reached by the educational entity.

A school’s educational disclosure records are also vulnerable to audit. While FERPA does not detail specific logging or audit requirements, any educational institution may be audited for compliance with FERPA regulations. This requires these entities to keep careful logs of student records, who has accessed these records, and whether records have been destroyed as stipulated in the school’s document retention policy.

For example: Consider an assignment at a school that is peer-graded, which means that students receive a classmate’s assignment and are responsible for grading it. Initially, this might be considered a case involving FERPA, since the student grading the peer assignment is thus exposed to the peer’s academic performance without having the consent or permission to see it. However, after evaluation of the case, the courts determined that this was not, in fact, a privacy violation, because the true grade was determined by the value the teacher entered into their academic files, not by the peer review.

Overall, it’s important that anyone involved in social services at educational institutions, as well as all other relevant parties, is aware of FERPA requirements and what they mean for various types of information. In today’s world, in which more and more private information often is released to the general public, educational documentation must be protected as the law demands.