Protecting the Privacy of Student Records
Exhibit 4-1
Some Ways to Promote Secure Maintenance of Automated Student Records
- Document the date and reason for collecting information for each form and each data element, so that files may be kept current and not used for unintended or inappropriate purposes.
- Identify education record files and data elements within the files as restricted (confidential) or unrestricted (e.g., directory information).
- Develop a filing system for records, so that they can be retrieved easily and accurately when needed. The practice will minimize the possibility of misplacing confidential information and thereby allowing unauthorized access. This is true for either automated or paper-record systems.
- Maintain complete and well-documented records on all changes and additions to files. Computer programs can be used to keep a list of changes and additions, note who made them, and note when they were made.
- Passwords can be used to limit access to parts of student files or to specific data elements. Systems operators should monitor access closely through a record keeping system. In addition, they should require users to change their passwords frequently, at a minimum of every three months.
- Where possible, a warning statement should appear on the computer screen before access is permitted. This statement should stay on the screen for at least ten seconds to ensure that it is readable. It should be worded to convey the following message: "Unauthorized access to personally identifiable information is a violation of Federal (and/or state) law and will result in _____ (prosecution or a maximum fine of $____ and/or imprisonment of up to ___ years, where applicable)." Users should be prompted to select whether to proceed. If it is not feasible for this statement to appear on the screen of the computer, it should be typed and attached to the monitor in a prominent location.
- When data are maintained on magnetic media storage devices, such as tapes, floppy diskettes, removable and fixed hard disks, they should be secured in the same manner as if they were printed materials (e.g., locked in a secure cabinet when not in use, and only necessary copies made). This may require extensive physical security for computers with hard disks.
- When encryption and decryption are used to ensure security of data, the algorithm required to encrypt and decrypt must receive the same protection as the data. When not in use, it must be secured at all times.
- To secure data against unauthorized access via electronic communication, modems should be disconnected while restricted data are being stored or processed on microcomputers or minicomputers. Extreme care should be exercised to ensure that the data are not inadvertently made available through use of networking technology. For example, password protection of access to the data file should be required in addition to access to the computer.
- Ensure that people involved in coding, entering, and processing the information have the necessary training and background to perform their tasks accurately and maintain strict confidentiality; and ensure they understand the criteria, context, penalties and other considerations.
- Avoid making excessive copies of back-up records. If back-up copies are made, label documents as "original" or "copy."




For questions about the content of this product, please contact Lee M. Hoffman.