“We must provide our schools, teachers and students cutting-edge learning tools. And we must protect our children’s privacy. We can and must accomplish both goals”
- Secretary Duncan, February 24, 2014

On February 24, 2014, U.S. Secretary of Education Arne Duncan addressed the topic of Privacy and Progress. The summit brought together more than 100 key stakeholders for a national conversation about respecting and safeguarding student privacy while leveraging technology to improve learning opportunities.

Family Educational Rights and Privacy Act (FERPA)

FERPA is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds from the U.S. Department of Education.  FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends a school beyond the high school level.  The following graphic (adapted from a resource created by the Data Quality Campaign) provides a simplified illustration explaining the allowable uses and limitations of data under FERPA.

The FERPA Basics chart identifies when student data can and cannot be shared.

Privacy Technical Assistance Center (PTAC)

The U.S. Department of Education is committed to both technological progress and the protection of privacy and security for students, educators, and all involved in schools. The U.S. Department of Education runs the Privacy Technical Assistance Center (PTAC) as a “one-stop” resource for answering questions and addressing concerns related to privacy, confidentiality, and security practices. PTAC provides timely information and updated guidance on privacy, confidentiality, and security practices through a variety of resources, including training materials and opportunities to receive direct assistance with privacy, security, and confidentiality of student data systems.

Protecting Student Privacy While Using Online Educational Services
New education technologies often raise questions about how best to protect student privacy during use. This document addresses privacy and security considerations relating to computer software, mobile applications, and web-based tools provided by a third-party to a school or district that students and/or their parents access via the Internet and use as part of a school activity. It presents some requirements and best practices to consider when evaluating the use of online educational services.

Download the Protecting Student Privacy While Using Online Educational Services document [PDF]

Identity Authentication Best Practices
This brief offers best practice recommendations for developing and implementing effective authentication processes to help ensure that only appropriate individuals and entities have access to education records. General suggestions provided in the brief are applicable to all modes of data access, be it in person, over the phone, by mail, or electronically.

Download the Identity Authentication Best Practices brief [PDF]