What does FERPA mean and how is FERPA compliance determined?
FERPA stands for the Family Educational Rights and Privacy Act. This U.S. federal regulation governs how public schools, public universities and other educational institutions receiving funding from the U.S. Department of Education (DOE) can store, handle and disclose personally-identifiable information contained in student educational records.
Under FERPA, educational institutions are generally prohibited from sharing students’ personally-identifiable information without first obtaining students’ or their parents’ advance consent. Institutions are also strongly advised to establish data governance plans, use multilayered information technology safeguards, automate vulnerability scans and address 13 other data security-related factors to safeguard this data from inadvertent disclosure.
While you cannot directly sue an educational institution in court under FERPA, non-compliant institutions can face severe sanctions if affected students and parents file successful FERPA complaints with the DOE’s Family Policy Compliance Office (FPCO). Here, the DOE can withhold further payments under all programs, terminate an institution’s eligibility to receive future funding, issue cease and desist orders, and carry out other enforcement actions allowed under FERPA and GEPA.
How does FERPA Hosting work?
With Abacus Private Cloud, you can run your software and store your student files on a HIPAA and ePHI-compliant virtual cloud hosting environment that you can access anytime, anywhere on any device. Our FERPA hosting team will also securely migrate your data and tailor your account security settings to ensure you’re complying with FERPA while enjoying protections such as 256-bit AES encryption; 2FA; and three layers of physical, server and software security.
How can I audit and maintain compliance with FERPA?
You won’t need to worry about this! Our FERPA hosting compliance team will monitor your institution’s account for vulnerabilities and apply software updates and firmware patches to help ensure your data isn’t compromised. We also audit all accounts using FIPS and SSAE-16 SOC standards.
Are there Abacus Private Cloud clients who are FERPA-compliant today?