Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Risks of not complying with cipa & ferpa

853 views

Published on

You might’ve heard acronyms like CIPA, HIPAA and FERPA - but what do they mean? They’re different types of compliance regulations that organizations must follow to make sure that student and staff personal data is safe and confidential.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Risks of not complying with cipa & ferpa

  1. 1. Privacy & Security Laws What does compliance look like in education? YOU SHOULD KNOW
  2. 2. You might’ve heard acronyms like CIPA, HIPAA and FERPA - but what do they mean? They’re different types of compliance regulations that organizations must follow to make sure that student and staff personal data is safe and confidential.
  3. 3. FERPA Compliance Law RISKS OF NOT COMPLYING WITH
  4. 4. In order to protect confidential information that is held on cloud servers, compliance regulations are mandatory for any internet infrastructure that offers data storage solutions. BACKGROUND Cloud data is constantly at threat from hackers with malicious intent as well as from users who leak sensitive information by error.
  5. 5. FERPA compliance is mandatory for federally funded academic institutions that serve under the U.S Department of Education. The rules governing FERPA specifically regulate the disclosure of student information by academic institutions, to external parties. By definition under FERPA, academic institutions are not allowed to disclose information pertaining to finances, grades, discipline, employment, and courses of any student. The Family Education Rights and Privacy Act, FERPA, is an act that was implemented in 1974 under U.S Federal law. Its main purpose is to ensure the privacy of academic data for students in learning institutions across the United States. FERPA Compliance
  6. 6. Academic institutions that are FERPA compliant are not allowed by law, to disclose records to students who are below 18 years. Where such is the case, the parents are recognized as the only legal persons who can; I. File a complaint against an institution that is FERPA non-compliant II. Request for records to be changed where academic information is misrepresented III. Review student records IV. Approve information disclosure for a student’s academic records However once a student attains the status of ‘eligibility’ at 18 years he or she reserves all the above rights. FERPA Compliance FERPA exception for academic information disclosure is limited to instances where student information is required; ● In legal proceedings on issuance of a subpoena ● By other academic institutions where a student wishes to enroll ● To persons whose interest in specific information is purely educational ● As part of research on an academic institution ● In the event of safety or medical emergency ● In the event of drug abuse by an underage student
  7. 7. Risks and penalties of FERPA non- compliance Where an academic institution is found to be violating the laws under FERPA either intentionally or unintentionally, consequences may include any of the following; A. Dismissal of an academic official who is found responsible for information breach B. Lawsuit from an eligible student of parent C. Suspension from receiving federal funding or entire loss of funding for the academic institution D. Fines of up to $1,000 or a jail sentence not exceeding 6 months or both FERPA Compliance

×