Skip to main content

Schools

Popular Links

  1. Parents And Community
  2. Data Privacy and Security
  3. FERPA

FERPA

FERPA

The Family Educational Rights and Privacy Act (FERPA) affords parents and students who are 18 years of age or older ("eligible students") certain rights with respect to the student's education records.  These rights are:

  1. The right to inspect and review the student's education records within 45 days after the day the [Name of school (“School”)] receives a request for access.

    Parents or eligible students who wish to inspect their child’s or their education records should submit to the school principal [or appropriate school official] a written request that identifies the records they wish to inspect.  The school official will make arrangements for access and notify the parent or eligible student of the time and place where the records may be inspected.

  2. The right to request the amendment of the student’s education records that the parent or eligible student believes are inaccurate, misleading, or otherwise in violation of the student’s privacy rights under FERPA.

    Parents or eligible students who wish to ask the [School] to amend their child’s or their education record should write the school principal [or appropriate school official], clearly identify the part of the record they want changed, and specify why it should be changed.  If the school decides not to amend the record as requested by the parent or eligible student, the school will notify the parent or eligible student of the decision and of their right to a hearing regarding the request for amendment.  Additional information regarding the hearing procedures will be provided to the parent or eligible student when notified of the right to a hearing.

  3. The right to provide written consent before the school discloses personally identifiable information (PII) from the student's education records, except to the extent that FERPA authorizes disclosure without consent.

    One exception, which permits disclosure without consent, is disclosure to school officials with legitimate educational interests.  The criteria for determining who constitutes a school official and what constitutes a legitimate educational interest must be set forth in the school’s or school district’s annual notification for FERPA rights.  A school official typically includes a person employed by the school or school district as an administrator, supervisor, instructor, or support staff member (including health or medical staff and law enforcement unit personnel) or a person serving on the school board.  A school official also may include a volunteer,  contractor, or consultant who, while not employed by the school, performs an institutional service or function for which the school would otherwise use its own employees and who is under the direct control of the school with respect to the use and maintenance of PII from education records, such as an attorney, auditor, medical consultant, or therapist; a parent or student volunteering to serve on an official committee, such as a disciplinary or grievance committee; or a parent, student, or other volunteer assisting another school official in performing his or her tasks.  A school official typically has a legitimate educational interest if the official needs to review an education record in order to fulfill his or her professional responsibility.

  4. The right to file a complaint with the U.S. Department of Education concerning alleged failures by the [School] to comply with the requirements of FERPA.The name and address of the Office that administers FERPA are:

Student Privacy Policy Office

U.S. Department of Education

400 Maryland Avenue, SW

Washington, DC  20202
or by email to FERPA.Complaints@ed.gov

FERPA permits the disclosure of PII from students’ education records, without consent of the parent or eligible student, if the disclosure meets certain conditions found in § 99.31 of the FERPA regulations.  Except for disclosures to school officials, disclosures related to some judicial orders or lawfully issued subpoenas, disclosures of directory information, and disclosures to the parent or eligible student, § 99.32 of the FERPA regulations requires the school to record the disclosure.  Parents and eligible students have a right to inspect and review the record of disclosures.  A school may disclose PII from the education records of a student without obtaining prior written consent of the parents or the eligible student –

  • To other school officials, including teachers, within the educational agency or institution whom the school has determined to have legitimate educational interests.This includes contractors, consultants, volunteers, or other parties to whom the school has outsourced institutional services or functions, provided that the conditions listed in § 99.31(a)(1)(i)(B)(1) - (a)(1)(i)(B)(3) are met. (§ 99.31(a)(1))
  • To officials of another school, school system, or institution of postsecondary education where the student seeks or intends to enroll, or where the student is already enrolled if the disclosure is for purposes related to the student’s enrollment or transfer, subject to the requirements of § 99.34.(§ 99.31(a)(2))
  • To authorized representatives of the U. S. Comptroller General, the U. S. Attorney General, the U.S. Secretary of Education, or State and local educational authorities, such as the State educational agency (SEA) in the parent or eligible student’s State.Disclosures under this provision may be made, subject to the requirements of § 99.35, in connection with an audit or evaluation of Federal- or State-supported education programs, or for the enforcement of or compliance with Federal legal requirements that relate to those programs.These entities may make further disclosures of PII to outside entities that are designated by them as their authorized representatives to conduct any audit, evaluation, or enforcement or compliance activity on their behalf, if applicable requirements are met.(§§ 99.31(a)(3) and 99.35)
  • In connection with financial aid for which the student has applied or which the student has received, if the information is necessary for such purposes as to determine eligibility for the aid, determine the amount of the aid, determine the conditions of the aid, or enforce the terms and conditions of the aid.(§ 99.31(a)(4))
  • To State and local officials or authorities to whom information is specifically allowed to be reported or disclosed by a State statute that concerns the juvenile justice system and the system’s ability to effectively serve, prior to adjudication, the student whose records were released, subject to § 99.38. (§ 99.31(a)(5))
  • To organizations conducting studies for, or on behalf of, the school, in order to:(a) develop, validate, or administer predictive tests; (b)administer student aid programs; or (c)improve instruction, if applicable requirements are met.(§ 99.31(a)(6))
  • To accrediting organizations to carry out their accrediting functions.(§ 99.31(a)(7))
  • To parents of an eligible student if the student is a dependent for IRS tax purposes.(§ 99.31(a)(8))
  • To comply with a judicial order or lawfully issued subpoena if applicable requirements are met.(§ 99.31(a)(9))
  • To appropriate officials in connection with a health or safety emergency, subject to § 99.36.(§ 99.31(a)(10))
  • Information the school has designated as “directory information” if applicable requirements under § 99.37 are met.(§ 99.31(a)(11))
  • To an agency caseworker or other representative of a State or local child welfare agency or tribal organization who is authorized to access a student’s case plan when such agency or organization is legally responsible, in accordance with State or tribal law, for the care and protection of the student in foster care placement.(20 U.S.C. § 1232g(b)(1)(L))

     

  • To the Secretary of Agriculture or authorized representatives of the Food and Nutrition Service for purposes of conducting program monitoring, evaluations, and performance measurements of programs authorized under the Richard B. Russell National School Lunch Act or the Child Nutrition Act of 1966, under certain conditions. (20 U.S.C. § 1232g(b)(1)(K))

ACCESS TO STUDENT RECORDS

The Federal Family Educational Rights and Privacy Act (FERPA) protects the privacy of student-education records, and gives parents and students age 18 or older certain rights with respect to these records. Parents/guardians have the right to inspect and review official educational records directly related to their children. Copies of records may be obtained for a fee. If parents believe that any record is incorrect or misleading, they have the right to an opportunity for a hearing to challenge the contents. For additional information about the policy and regulations, parents can contact Business Administrator Staci SanSoucie at 248-6308 or through email.

Email Staci SanSoucie

DIRECTORY INFORMATION

Under FERPA, certain categories of student information have also been designated as directory information. This information includes a student’s name, major course of study, participation in school activities or sports, weight and height if a member of an athletic team, degrees and awards received, photograph and class roster. Directory information may be used in the following ways: sports programs, newspapers, other media, college recruiters, college admission offices, college coaches, etc. Parents and eligible students may request, in writing, that the school not disclose directory information. Send the request to the Superintendent’s Office, 222 Woodbine Ave. East Rochester, NY 14445. 

HIPAA AND FERPA COMPLIANCE

The Health Insurance Portability and Accountability Act of 1996 requires standards to be adopted in two areas:
• Electronic health-care transactions (include standardizing the manner in which health services are claimed by any entity for any person in receipt of such a service)
• Privacy (confidentiality) of all health-related services provided. This involves protection of health information for anyone in receipt of such services.

Electronic health-care transactions: Since the Central New York Regional Information Center submits all Medicaid claim data to the electronic Medicaid system in NYS (eMedNY) for processing, it is a covered entity under this act. The electronic transmission of Medicaid data is now HIPAA-compliant. Privacy: The Family Educational Rights and Privacy Act – Buckley Amendment (FERPA, aka Buckley Amendment) is more restrictive than HIPAA with respect to the protection of privacy and security of all healthrelated services. Since all school districts (and any other educational entities that have access to student data) are obligated to be in compliance with FERPA, they are also HIPAA- compliant.

In order to assure compliance with FERPA (and thus with HIPAA), the following minimum procedures must be in place:
• All student data files and information must be protected (i.e. student files are locked or accessible only by appropriate personnel).
• Any student information/files transmitted to other appropriate recipients must also be protected. Information files must be encrypted and password- protected.
• Student information/files may be faxed to appropriate personnel, but only to secure sites. Parental consent is required for the release of any personally identifiable information, other than those specifically excluded in the FERPA Fact Sheet.

See Procedures for Transmission of Student-Specific Information for all communications between school districts and SED/DOH pertaining to student-specific information. 

You can also read Annual Notices from the US Department of Education on their website.