Exhibit
Managers of education records at the state, local, or school level receive numerous requests for information. Every day, they make decisions about releasing information. Requests come from the news media, businesses, relatives, agency staff, law enforcement units, attorneys, private investigators, the governors' or legislators' offices, or researchers.
This section supplements Section 2 of this document, which discusses the federal laws that govern the release of education records. Many states have laws or statutes that further restrict the release of these records. School, district, or state education agency staff should contact their agencies' legal counsel or counsel assigned to their agency by the state attorney general's office for legal opinions about confidentiality requirements and recommended procedures. This section outlines some general guidelines for deciding whether to release information.
Who (other than parents) must a school official allow to see an education record of a student?
A. School officials are not required to allow anyone other than the parents to see the education records of a student; the exceptions are circumstances stipulated by federal or state laws such as governmentrequired audits, evaluations, or court orders. See Section 6, Guidelines D; see a detailed discussion of the federal statutes in Section 2, Guidelines B.
Which public officials have access to education records without consent of a parent?
A. School officials and other identified categories of people with a "legitimate educational interest" in the information have access to education records without specific consent ofparents or eligible students. Policies defining officials who may receive information without prior consent must be accessible to parents for review. Among those officials are teachers and school officials associated with school entrance or transfer; state and local education officials who conduct audits or review records in compliance with federal laws; and court officials.
In some cases, which must be defined by local policy, third parties acting on behalf of schools may also have access to education records. Third parties generally include officials in state, local, and intermediate administrative units, researchers, psychologists, lawyers, or medical practitioners who work for or are under contract to schools.
If a parent makes information about a student public, must school officials keep that piece of information confidential?
A. Yes, school officials should still keep the information private. See Section 6, Guidelines C.
Must a school official release a student's record to a family lawyer?
A. A school official does not have to release a record of a student to his or her family lawyer unless there is a prior written consent from the parent. See Section 6, Guidelines D.
What penalties apply to the misuse or improper disclosure of confidential information?
A. The penalty for non-compliance with the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PPRA) can be withdrawal of U.S. Department of Education funds from the institution or agency that has violated the law. This applies to schools, school districts, and state education agencies. The Family Policy Compliance Office of the U.S. Department of Education, charged with reviewing and investigating complaints, seeks to promote voluntary compliance with the law. To date, findings of non-compliance have not resulted in such action.
A third party who improperly discloses personally identifiable information from student records can be prohibited from receiving access to records at the education agency or institution for at least five years. State laws on privacy may also apply penalties.
What are the liabilities of a third party's misuses of education records?
A. School officials are not liable for misuses of data by a third party. However, it is important to implement and follow proper procedures in good faith to protect the agency or school as well as the students and their families. See Section 6, Guidelines G.
Can student records be transmitted electronically, via the Internet and facsimile?
A. The law requires agencies to prevent the unauthorized release of personally identifiable information from education records. Thus, when student records are transmitted electronically, confidentiality must be protected both by the sender and receiver of information. Agencies must establish procedures for releasing information, and they mustcontinually train officials and clerical staff about their obligation to treat personally identifiable information confidentially.
Various experts in the application of FERPA and the uses of electronic data exchange consider facsimile machines to be less secure than the electronic transmission of records. If facsimile machines are to be used, the institutions involved with the exchange of student information must establish security procedures that meet the privacy obligations set out in FERPA. See Section 6, Guidelines I.
A. Types of Information Release
When a district or school staff member receives an information request, the first question he or she needs to consider is what type of information is being requested. Generally, information requests about one or more individuals can be categorized as non-personally identifiable information or personally identifiable information.
Non-personally identifiable data do not reveal specific information about a particular individual. They usually describe a group of persons (e.g., the aggregate number of students participating in extracurricular activities) without identifying any one student. Or, they consist of individual records stripped of any information that would make it possible to identify the person described.
Release of non-personally identifiable data is generally allowed. A district or school may determine how this type of information is released. However, it is advisable to designate appropriate officials within the agency to review the compiled data, making sure that no single individual can be identified by a combination of several pieces of nonpersonally identifiable information.
For instance, in reporting test scores for certain racial or ethnic groups in a school, if a school has only one student in a particular racial or ethnic group at a certain grade level, then that student's score could be made public by combining two separate pieces of information. It is important to be aware of the possibility of inadvertently disclosing personally identifiable information even when there is more than a single record in a category.
In planning and producing analyses and tabulations, the general rule is that there should be no cell (or category) published in which there are fewer than three respondents, or in which personal information could be obtained by subtraction or other simple mathematical manipulations. However, this should be adjusted based on the factors unique to the district or school, such as the size of the school or community population. You must also be careful not to allow information to be disclosed through subsequent cross tabulation of the same data with other variables.
Personally identifiable data may or may not identify a person directly, but contain information that would make students' identities and any related information about them easily recognized. This information is more sensitive than grouped information or summarized data and therefore requires more attention and care before release. Personally identifiable information, including the identifying data listed below, must be maintained in education records that are protected with appropriate security. It is important that state or local education agencies establish policies that define personally identifiable information and list specific examples. This will avoid confusionwhen actual information requests are handled.
Personally identifiable data include identifying data that directly associate with a person, such as the following:
B. Release of Directory Information
If information requests are related to personally identifiable student information to be obtained from the education records, the first question you should ask is whether the request is for directory information as defined in the district's education records policies. Section 2 of this document contains definitions of education records and directory information, as well as federal regulations that relate to the release of this information.
Agency or school staff should refer to federal, state, and local laws and regulations about the types of data that may be released without consent of the parents. State and local laws may specify data items considered directory information. Section 2, Guidelines B includes the types of items that are typically considered directory information by local policies.
As required by FERPA, annual notification should be given to allow parents to request that all or portions of directory information not be released. Exhibit 6-1 contains a sample notification form. Upon receipt of an information request, district or school staff need to verify that there is an appropriate, prior consent to release that piece of information about the student(s).
When requested by a third party (e.g., from a relative, family lawyer, or a news reporter) for individual information not authorized by FERPA or other federal laws such as the National School Lunch Act (NSLA), the requester should be required to present written consent from the parent. If information requested from the record is not considered directory information but is personally identifiable, it can be released if the parent provides a written, signed, and dated consent document. The document must:
Unless otherwise allowed by federal or state law, or local policies, agency or school staff should not assume that if parents openly discuss information included in their child's education records, the parents are giving "implied" consent for staff to release that information. Written consent foragency or school release from the parent is required by FERPA.
D. Release without Prior Consent
Without prior written consent from the parent, personally identifiable information may be released to particular individuals or entities outside the agency or school. Such release must be allowed by an established policy. Agency or school staff should be familiar with federal and state laws as well as local policies established in this regard, and understand that they are not required to release information unless otherwise specified by these laws or policies, but are given the option to do so. Section 2 lists these outside individuals or entities to whom student records may be released. Examples of these individuals include designated, authorized representatives from state and local education agencies, the juvenile justice system, and health or safety personnel in case of an emergency. Exhibit 6-2 includes a form that an agency or school could use to monitor this type of release.
Within the agency or school, education records may be released and used by personnel who are considered to have a legitimate educational interest or need-to-know without prior written consent of the parent. Section 4 contains guidelines regarding this type of release. Examples of personnel who may have authorized access to the student records include research and evaluation directors and service providers or coordinators of special programs in which the students participate.
The NSLA allows the release of free and reduced-price school meal eligibility without consent of the parent for certain purposes. We discuss this issue in Section 2. Agencies or schools should establish written guidelines to permit such release.
In some cases, researchers who are not employed by the agency or school may be authorized to conduct data processing or research and evaluation studies through contractual arrangements. If these efforts are initiated by and performed on behalf of the agency or school, researchers may be considered school officials who have a legitimate educational interest. We discuss these situations in Section 4. However, researchers outside the agency or school often request individual information for their own research agendas. More often than not, the requested information includes more than one data item from the education records or student database. These requests should be handled case-by-case. Agency or school officials should establish criteria for considering such requests. These criteria may take into consideration the perceived benefits of the research, the potential invasion of students' privacy, the reputation of the requestor, or the availability of staff to monitor the process of the release and the research activities.
In general, the release of data to researchers outside the agency should be considered as a loan of data (i.e., recipients do not have ownership of the data). Agencies or schools could request that these data be returned or copies destroyed when the researchers complete their work.
Before considering these data requests, agencies should establish written guidelines and procedures to allow the on-site access or off-site loan of personally identifiable data by appropriate individuals or organizations. In 1993, the National Center for Education Statistics (NCES) of the U.S. Department of Education published a manual, called Field Restricted Use Data Procedures, to ensure the implementation of proper procedures before releasing any of its data sets. The following items, adapted from the NCES manual, could be included in an agency's policies and procedures regarding the loan of data:
Before a data set is released across agencies or to researchers or research institutions, appropriate agreements must be signed to ensure that all records will remain private, the conditions of release and re-release are well defined and limited, and penalties for inappropriate records use or release of records are stated clearly. Individuals employed by the agencies who are authorized and who will have access to the individually identifiable information also could be required to sign an affidavit of non-release. Exhibit 6-3 contains a sample form.
In most cases, information indicating that an education record has been released must bedocumented in the record and retained there until the education record is destroyed.
F. Release to Other Service Agencies
There are increasing needs for education and other service agencies to develop coordinated data systems that enable them to more effectively and efficiently serve children and their families. Many agencies, such as education, health, social service, and labor agencies, are seeking means to facilitate the automatic accessibility of information from student records mainly for these purposes:
In any instance of data sharing, agencies must be especially careful to maintain a clear distinction between the data collected for research, evaluation, and regulatory purposes, and data collected for clinical uses. The protection of privacy and data accuracy are essential to any data coordination efforts. However, these protections do not have to be absolute barriers to data coordination. A first step to cross-agency coordination of services and policy analysis is to establish well-defined procedures that maintain distinctions between different types of data and their uses and ensure that education agency managers and staff who work with student records understand confidentiality restrictions and procedures for handling private, personally identifiable information. A thorough knowledge of the rationale behind federal, state, and local privacy laws and an understanding of what the laws allow and disallow, are the building blocks of widely sought interagency data coordination.
As cross-agency partnerships become established, many issues other than confidentiality requirements need to be addressed. As of the date of this publication, such efforts are either at the planning or early implementation stages. It is therefore premature to include best-practice guidelines consistent with the purposes of this document. The National Forum on Education Statistics will continue to work with state and local education agencies, exploring the issues and identifying effective practices of interagency data sharing in 1997. Results of this effort will be published in a separate document.
As a final control, an appropriate official could review the compiled information or data for accuracy and to ensure they are within the scope approved for release. This official also may review the procedures to ensure compliance with all federal, state, and local statutes, rules, and regulations that apply to the release. Signatures of the appropriate and authorized persons should be required for every release.
H. Avoid Misuse of Information by Non-Intended or Secondary Users
Any organization creating, maintaining, using, or disseminating education records with personally identifiable data must assess the reliability of the information for its intended use and must take precautions to prevent misuse of the data. When data are released to individuals or groups outside the agency, the recipients should be required to sign an affidavit stating that they will use the data in a way consistent with that described in their requests, and not to transfer or re-release the data to another individual or organization. Exhibit 6-4 contains a sample statement. Although school officials are not liable for a third party's misuses of data, it is important to implement and follow proper procedures in good faith to protect the students and their families as well as the agency or school.
Agencies or schools should maintain records of access, retrieval, or release of records, including the names of persons retrieving records and the purposes for each release, and should maintain a list of personnel authorized to have access to the file. They should also maintain a record of user requests for data that have been denied or only partially fulfilled. Such information can be used for periodic reviews of agency confidentiality and data release policies.
Information about releases with or without prior consent of the parent should remain with the education record as long as the record is maintained. It is a good practice to document all access and release. However, it is not required if the request was made by, or release was made to:
Particular attention should be given to confidentiality when data are released through electronic means because of the increased potential for unauthorized access. For example, you cannot visually check the photo identification of a facsimile or electronic mail recipient. You must establish policies and procedures to address the issue of data forwarding via electronic means.
You should routinely embed various levels of encrypted codes into computerized databases. This will protect the confidentiality of the data as well as ensure the integrity and authenticity of the information. You should establish clear rules and procedures about who can send and who can receive and use data. In addition, you could specify the penalties for abuse or misuse of systems.
It is important for the electronic system
to log the transfer of personally identifiable data in a security audit
trail to account for releases of data by and to appropriate individuals.
The use of electronic authentication programs can reassure the sending
agency or school that the information has reached the appropriate recipient
and that no changes to the contents have been made.
American Association of Collegiate Registrars and Admissions Officers. 1995. Guidelines for postsecondary institutions for implementation of the family educational rights and privacy act of 1974 as amended. Washington, DC: American Association of Collegiate Registrars and Admission Officers.
Council of Chief State School Officers (CCSSO). 1995. Interagency data systems for accountability: issue brief. Washington, DC: Author. (This document may be accessed online at: <http://www.ccsso.org/ibspr951.html> and <http://www.ccsso.org/ibspr952.html>.)
Hobbs, L.J. 1993. Second Edition. Tackling the confidentiality barrier: a practical guide for integrated family services. A special report for new beginnings. San Diego, CA: Department of Social Services, San Diego County, CA.
Morrill, W.A., and Marzke, C. 1996, June 6. Feasibility study for a national data coordination project: current efforts and lessons. Princeton, NJ: Mathtech, Inc.
National Forum on Education Statistics. 1994. Education data confidentiality: Two studies. Issues in education data confidentiality and access; and compilation of statutes, laws, and regulations related to the confidentiality of education data. Washington, DC: Government Printing Office.
National Center for Education Statistics. 1993. Field restricted use data procedures manual. Washington, DC: National Center for Education Statistics.
Panel on Confidentiality and Data Access [of the] Committee on National Statistics, Commission on Behavioral and Social Sciences and Education, National Research Council, and the Social Science Research Council. 1993. Private lives and public policies: Confidentiality and accessibility of government statistics. Washington, DC: National Academy Press.
For questions about the content of this product, please contact
Lee
M. Hoffman.