Skip to content

Family Educational Rights and Privacy Act (FERPA)

Protect Student Records in the US

• Assessment Report

• Policies & Procedures

• Remediation Tracking

• Action Plan Reminders

• Form Templates​

• Vulnerability Scan​

• Pen Testing

Demonstrate your Compliance with FERPA

The Family Educational Rights and Privacy Act (FERPA) is a federal law in the United States to protect the privacy of student educational records. It was enacted in 1974 and is mandatory for all educational institutions that receive funding from the U.S. Department of Education, including virtually all public schools and many private educational institutions.

FERPA places specific responsibilities on educational institutions to protect student records. Schools must notify parents and eligible students of their rights under FERPA and establish procedures for handling and disclosing academic records in compliance with the law. This means that teachers, school administrators, and other personnel with access to student records must be aware of and follow FERPA guidelines.The primary purpose of FERPA is to provide parents and eligible students (students over 18 years of age or those who attend a postsecondary institution) with certain rights regarding the privacy of their education records. 

Key provisions of FERPA include:

  • Right to inspect and review: Eligible students and parents have the right to access and review their education records held by educational institutions.
  • Consent to disclose: Schools generally require written consent from eligible students and parents before disclosing education records to third parties, with certain exceptions.
  • Control over directory information: Schools may disclose “directory information” without consent unless parents or eligible students opt-out.
  • Right to request corrections: Parents or eligible students can request corrections to education records they believe are in violation of their privacy rights, misleading or inaccurate.

Exceptions to consent: FERPA allows for certain exceptions to the consent requirement, such as disclosure to school officials with a legitimate educational interest.

The monitoring and enforcement of FERPA are primarily carried out by the U.S. Department of Education’s Family Policy Compliance Office (FPCO). The FPCO provides guidance to educational institutions on FERPA compliance and investigates complaints related to violations of the law.

Connect with our Security Experts to assess your controls and prove your compliance with FERPA by sharing your assessment profile. Our engagement options are ideal for organizations of all sizes with and without an experienced in-house IT team. Connect with an expert or schedule a consultation to explore the option that is best for your organization. 

Engagement Options

Choose a plan that fits your need

Explore Blogs, Webinars and other Resources

Trusted by Reputed Companies

pVerify, Inc.
Electronic Data Solutions
Bernard Robinson & Company
Avance Care
Mr.Internet Systems
Vision Radiology
Tangible Solutions
Tangible Solutions
Med First Primary and Urgent Care
Arizona State Radiology
Dose Spot Company Logo
Forsyte I.T. Solutions
Tego Data

Accreditations and Associations

* Disclaimer: This list of accreditations is held by our team of employees and consultants.

What Our Clients Say

We used databrackets (formerly EHR 2.0) in our small medical practice for our risk analysis assessment to be in compliance with meaningful use. Their response was fast, the final report is detailed but simple and easy to follow. They were always available to answer our questions.
E. Compres
Pulmonary and Sleep Center of the Valley
I never miss the opportunity to learn something new …that’s why I am always registering to all free seminars offered on the web. databrackets (formerly EHR 2.0) happened to be the friendliest, comprehensive and up-to- date source of HIPAA Privacy and Security updates.
Alexandra V.
Community Healthcare Network
Today’s presentation was great! Thank you for sending the slides. My only feedback is that it would be fabulous to have the slides ahead of time so I could print them and take notes on the slides.Thanks for your time and knowledge today!
T.B., PM
Community Health Network
Particularly interesting was the flow chart on Administrative Simplification. I utilize all of the Security subcategories you list under the Security tile and appreciate knowing that I am hitting all of the relevant topics during my employee training.
Jessica B.
I have re-worked our original risk assessment….We are using databrackets' (formerly EHR 2.0) Meaningful Use Security Risk Analysis Toolkit and it meets our needs. It was easy to use and I believe that it very beneficial to our meeting meaningful use.
Bill Curtis
Neurosurgical Associates Of Texarkana, TX
Information (webinars) presented by databrackets (formerly EHR 2.0) highlights some of today’s most demanding healthcare topics. The webinars help to direct those operating in today’s rapidly changing environment in the right direction.
Candace M.
Privacy and Security Officer, Springhill Medical Center

Our Growing List of Credentials

0 +
0 +
0 +
Assessment Libraries
0 +
Years of Experience
0 +
External audits handled