Q

FERPA regulation guidelines to email student personal data unencrypted

In order to protect student personal data, FERPA was enacted in 1974. But does protecting that data allow for FERPA educational records to be sent unencrypted via email? Find out in this expert response.

Can an educational institution ever send a student's FERPA-protected information via unencrypted email (or unencrypted email attachment), even to an authorized party?

FERPA (the Family Educational Rights and Privacy Act) regulations, unlike HIPAA or PCI DSS, do not specifically require that information be encrypted. However, they do require that educational institutions be able to limit access to student data to those who are authorized to view it, such as professors and academic advisors. FERPA also requires institutions provide students (and their parents, if the student is under 18) with information...

on who accessed their records and when. As a result, many institutions have mandated the use of encryption as an access control mechanism.

This is where things get interesting; many educational institutions have forbidden professors from discussing grades and other FERPA-protected information over email. However, other institutions permit such discussions as long as the conversations take place over university-controlled systems. So, while strictly speaking it is permitted to email unencrypted FERPA data, many institutions opt not to take any chances. The best thing I can tell you is to approach this issue with caution and to discuss this with the legal team before setting any official policy.

For more information:

  • Read more about how to prepare for a FERPA audit.
  • This was first published in December 2009

    Dig deeper on Security Resources

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close