Skip Navigation
small NCES header image
Building An Automated Record System : Back to Home National Forum on Education Statistics
Introduction Purpose of this Booklet Contents of this Booklet Description of a Student Record Description of a Student Record System Benefits of a Well-Designed Automated Student Record System Steps for Designing and Implementing an Automated Student Record System Summary Resource List
Step 1Step 2Step 3Step 4Step 5Step 6Step 7Step 8Step 9Step 10Step 11Step 12








Review local, state, and federal regulations regarding student records to ensure that safeguards for confidentiality are implemented.

Step 2: Identify federal, state, and local regulations affecting the maintenance of student records.

Each use that you identify has its own set of regulations, and the system must be designed to comply with these laws, rules, policies, etc. Regulations may mandate or determine the response to any or all of the next ten steps.

The Family Educational Rights and Privacy Act (FERPA) is a federal law that restricts access to individually identifiable student records and gives parents a right to view what is kept in their children's records. Because of this law, there are many restrictions and security measures you must plan to implement. There is more discussion about these restrictions and measures in Step 9. In addition, essential information for developing procedures and policies related to student records can be found in the NCES document, Protecting the Privacy of Student Records: Guidelines for Education Agencies.

Some states that have implemented student record systems have worked with their states' Attorneys General to ensure that no relevant laws are being broken. Many states have indicated that they have confidentiality laws that affirm or extend FERPA. No state may have a law more lenient than FERPA, but a state may impose greater restrictions on the release of student data. These restrictions must be addressed in developing a student record system.

To ensure that legal requirements are met and ethical responsibilities carried out appropriately and effectively, education agencies and institutions are advised to establish their own written policies and guidelines for maintaining the privacy and confidentiality of student records. Such policies and guidelines should state the principles and procedures for addressing the following issues:

  • Selecting appropriate data elements for student records.
  • Accurately, consistently, and carefully collecting these data elements.
  • Maintaining relevant, accurate, and confidential records.
  • Carefully screening anyone that will handle confidential information.
  • Restricting access by school personnel.
  • Safeguarding data (or restricting access) while data are in the possession of a contracting organization.
  • Safeguarding individual student records being transferred to other schools, local education agencies, state education agencies, and elsewhere.
  • Transferring personal information to an authorized third party only on the condition that this third party not permit access to any other party without the written consent of the student or parents, as appropriate.
  • Concealing the identity of individuals or institutions desiring or entitled to confidentiality, through appropriate procedures for aggregating, encoding, and releasing sensitive data.
  • Destroying records or data that are no longer needed.

Many of these areas are described more fully in the steps that follow.

Education agencies and institutions may want to establish and maintain an oversight committee to produce and review policies, procedures, and activities involving student records. The membership of this committee might include appropriate representatives of such groups as students, parents, teachers, counselors, principals, the board of education, and the general public. This committee should be assigned responsibility for ensuring that student data are collected, updated, stored, accessed, used, and discarded in such a way that:

  1. The rights and welfare of students are adequately protected.
  2. The potential benefits to students of any particular record use outweigh the potential risks.
  3. Informed consent is obtained from students or parents, by adequate and appropriate methods, for including certain data in student records and using (or releasing) the data for specified purposes.

Every education agency or institution should periodically reassure itself, through appropriate administrative overview, that the policies and procedures related to student records and designed to protect its students' rights and welfare are being applied effectively.



Meeting Resistance to Student Records at the State Level

Some state education agencies have met extensive resistance to the collection of individual student records at the state level. Parental concerns about educator access to student records is a serious issue, and must be addressed in order to be successful in the development of an effective state-level student record system. Successful states have carefully documented their planned uses of the data, as well as stating what they do not intend to do with the records. They have obtained the support of state officials for the collection of student records; and they have carefully designed systems for ensuring secure transmission of student records to the state education agency as well as secure maintenance within the agency. Comprehensive documentation is essential.


Back To Top

Would you like to help us improve our products and website by taking a short survey?

YES, I would like to take the survey

or

No Thanks

The survey consists of a few short questions and takes less than one minute to complete.
National Center for Education Statistics - http://nces.ed.gov
U.S. Department of Education