slide1 n.
Skip this Video
Download Presentation
January 25, 2012 EDUCAUSE Webinar

Loading in 2 Seconds...

play fullscreen
1 / 28

January 25, 2012 EDUCAUSE Webinar - PowerPoint PPT Presentation

  • Uploaded on

“We’re From the Government and We’re Here to Help You” Privacy Initiatives at the U.S. Department of Education. January 25, 2012 EDUCAUSE Webinar. Kathleen M. Styles, Chief Privacy Officer Michael B. Hawes, Statistical Privacy Advisor. Presentation Overview.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'January 25, 2012 EDUCAUSE Webinar' - haines

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

“We’re From the Government and We’re Here to Help You”Privacy Initiatives at the U.S. Department of Education

January 25, 2012EDUCAUSE Webinar

Kathleen M. Styles, Chief Privacy Officer

Michael B. Hawes, Statistical Privacy Advisor

presentation overview
Presentation Overview
  • Overview of changes to FERPA regulations
  • Privacy initiatives at ED
  • Priorities for 2012
  • Interactive polls throughout
poll 1

We’re presuming most of you are in the postsecondary community. Which part of the postsecondary community do you work in specifically?

  • IT
  • Registrar/Administration/Admissions
  • Faculty
  • Other postsecondary role
  • Your assumption is wrong! I’m not part of the postsecondary community
background student privacy
Background: Student Privacy
  • FERPA enacted 1974
  • Move to electronic records
  • State longitudinal databases
  • 2009 Fordham report
  • New risks and vulnerabilities
breaches by educational institutions
Breaches by Educational Institutions

All varieties: hacking, loss of portable device, unintentional, insider breach, etc.

Source: Privacy Rights Clearinghouse

our favorite ferpa quote
Our Favorite FERPA Quote

Received in an email:

“You know how sometimes FERPA can tie your brain in a knot trying to think through it all?” 

poll 2
Poll #2

Question: Which answer best characterizes your prior experience with FERPA?

  • I’m a pro! I work with the statute and regs all the time
  • I work with FERPA, but find it confusing
  • I know what FERPA is, but don’t work with it often
  • FERPA? What’s FERPA?
ferpa postsecondary ed
FERPA & Postsecondary Ed
  • FERPA Basics
  • Health and safety emergencies
  • Intersection with state and local laws
early 2011 ed privacy initiatives begin
Early 2011 – ED Privacy Initiatives Begin
  • FERPA Notice of Proposed Rulemaking
  • Best Practices -- NCES Technical Briefs
  • Privacy Technical Assistance Center (PTAC)
  • Chief Privacy Officer
late 2011 building on progress
Late 2011: Building on Progress
  • Regulatory changes
  • PTAC best practice documents
  • Privacy Advisory Committee
  • Soliciting input
ferpa regulatory changes
FERPA Regulatory Changes
  • 274 Comments received
  • Final FERPA regulatory changes
    • December 2, 2011 Federal Register
    • Effective January 3, 2012
  • The new regulations serve to:
    • Strengthen enforcement
    • Help ensure student privacy
    • Improve program effectiveness
new definitions for audits and evaluations
New Definitions for Audits and Evaluations
  • Authorized Representative
    • Any entity or individual designated by a State or local educational authority or an agency headed by an official… to conduct—with respect to Federal- or State-supported education programs—any audit or evaluation, or any compliance or enforcement activity in connection with Federal legal requirements that relate to these programs (FERPA regulations, § 99.3).
  • Education Program
    • Any program principally engaged in the provision of education, including, but not limited to, early childhood education, elementary and secondary education, postsecondary education, special education, job training, career and technical education, and adult education, and any program that is administered by an educational agency or institution (FERPA regulations § 99.3).
ferpa regulatory changes audit and evaluation
FERPA Regulatory Changes – Audit and Evaluation
  • Authorized Representative
  • Written Agreements
  • Reasonable Methods
  • “Guidance on Reasonable Methods and Written Agreements”
ferpa regulatory changes studies exception
FERPA Regulatory Changes – Studies Exception
  • State educational authorities acting on behalf of their constituent schools
  • Requirement for written agreements
poll directory information
POLL – Directory Information
  • Does your institution currently have a directory information policy?
    • Yes, we have a directory information policy
    • Sort-of. We have a policy, but it could use improvement
    • No, we don’t have a directory information policy
    • Directory information? What’s that?
ferpa regulatory changes directory information
FERPA Regulatory Changes – Directory Information
  • ID badges
  • Limited directory information
poll ferpa and directory information
POLL – FERPA and Directory Information
  • In light of the recent FERPA reg changes, do you think your institution will change its directory information policy?
    • Yes
    • Maybe
    • No
    • We don’t have a policy
ferpa regulatory changes enforcement
FERPA Regulatory Changes - Enforcement
  • Enforcement against entities without students
  • 5 year ban
priorities for 2012
Priorities for 2012
  • Guidance and Best Practices
  • Inter-Agency Collaboration
  • Publishing Data While Protecting PII

PTAC Initiatives

  • Move to CPO Office
  • Expansion to LEAs
  • Coordination with FPCO
  • Site visits and regional meetings
  • Helping organizations come into compliance

Guidance Documents and Training Resources

Case studies

best practices and guidance resources
Best Practices and Guidance Resources
  • Guidance on Reasonable Methods and Written Agreements
  • Data Stewardship: Managing Personally Identifiable Information in Electronic Student Education Records
  • Basic Concepts and Definitions for Privacy and Confidentiality in Student Education Records
  • Responding to IT Security Audits: Improving Data Security Practices
  • Data Security: Top Threats to Data Protection
  • Data Security Checklist
  • Data Governance and Stewardship
  • Data Governance Checklist
  • Data Security and Management Training: Best Practice Considerations
inter agency collaboration
Inter-Agency Collaboration
  • Agriculture: Free and reduced price lunch data
  • Federal Trade Commission: Child ID theft
  • Health and Human Services: Early Childhood programs
  • Department of Justice: Patriot Act amendments to FERPA
data release policy
Data Release Policy
  • Utility vs. privacy in data tables
  • Disclosure avoidance in an information-rich world
  • A need for more uniformity and rigor
  • Strong public interest
  • Data Release Working Group
unsettled questions
Unsettled Questions
  • Cloud Computing
  • Video Recordings
  • Email
privacy and transparency
Privacy AND Transparency
  • Culture of confidentiality
  • Maintaining transparency
have questions
Have Questions?
  • Privacy Technical Assistance Center
    • Telephone: (855) 249-3072
    • Email:
    • FAX: (855) 249-3073
    • Website:

Family Policy Compliance Office

Telephone: (202) 260-3887


FAX: (202) 260-9001

  • Website:
poll feedback
Poll - Feedback

Question: How helpful did you find today’s webinar?

  • Very helpful!
  • Somewhat helpful.
  • Not at all helpful.