FERPA Compliance Checklist
FERPA Compliance Checklist
I. Compliance Overview
Objective: Ensure that [YOUR INSTITUTION NAME]complies with the Family Educational Rights and Privacy Act (FERPA).
Responsible Party: [YOUR NAME], FERPA Compliance Officer
Date of Last Review: [DATE]
Next Scheduled Review: [NEXT REVIEW DATE]
II. Policy and Procedures
1. FERPA Policy
-
Review and update the institution's FERPA policy.
-
Ensure the policy is communicated to all staff and students.
2. Access Control
-
Implement procedures to control access to student education records.
-
Ensure that only authorized personnel have access to student information.
III. Data Collection and Maintenance
1. Consent Forms
-
Obtain appropriate consent from students or parents before disclosing education records.
-
Maintain records of consents received.
2. Data Accuracy
-
Ensure accuracy and completeness of student education records.
-
Provide mechanisms for students to request corrections to their records.
IV. Disclosure and Sharing
1. Authorized Disclosures
-
Educate staff on permissible disclosures of student information under FERPA.
-
Implement procedures for handling requests for student records.
2. Directory Information
-
Define and publish the institution's directory information.
-
Allow students to opt-out of directory information disclosure.
V. Training and Awareness
1. Staff Training
-
Conduct FERPA training for all faculty and staff with access to student records.
-
Ensure staff understand their responsibilities under FERPA.
VI. Security and Data Protection
1. Data Security Measures
-
Implement security controls to protect student records from unauthorized access.
-
Encrypt sensitive data when transmitting or storing electronically.
VII. Incident Response
1. Data Breach Response Plan
-
Develop and maintain a response plan for data breaches involving student information.
-
Notify affected individuals and authorities as required by law in case of a breach.
VIII. Audits and Monitoring
1. Regular Audits
-
Conduct regular audits of FERPA compliance practices.
-
Address any identified issues promptly and thoroughly.
IX. Recordkeeping
1. Documentation
-
Maintain records of FERPA compliance activities, including training and audits.
-
Retain records for the required period as per FERPA regulations.
X. Annual Notification
1. Annual Notification to Students
-
Provide annual notification to students regarding their FERPA rights.
-
Include information on how to access and request their education records.
XI. Compliance Review
1. Review and Update
-
Regularly review and update the FERPA compliance program to reflect changes in regulations or institutional practices.
XII. Signature
By signing below, you acknowledge that you have reviewed and understand the contents of this FERPA compliance checklist.
FERPA Compliance Officer
Date: [DATE]