Choose Index below for a list of all words and phrases defined in this glossary.

Family Educational Rights and Privacy Act of 1974 (FERPA)

index | Index

Family Educational Rights and Privacy Act of 1974 (FERPA) - definition(s)

FERPA (Family Educational Rights and Privacy Act of 1974) - FERPA (Family Educational Rights and Privacy Act of 1974) is federal legislation in the United States that protects the privacy of students' personally identifiable information (PII). The act applies to all educational institutions that receive federal funds.

FERPA states that parents of students under 18, or eligible students (students over 18, or those who have matriculated to an educational institution above high school) be allowed to view and propose amendments to their educational records. The act also mandates that schools must obtain written permission from parents or eligible students in order to release a student's PII.

There are a few exceptions regarding who may receive records without written permission. Exceptions include:

   * Legitimate requests from school officials.
   * Requests from schools to which a student is transferring.
   * Cases of 'directory information,' defined as "information contained in an education record of a student that would not generally be considered harmful or an invasion of privacy if disclosed," such as name, address, telephone number and date of birth.

In the case of directory information, the parents or eligible students must be notified of the proposed release of said information and given time to request their information not be disclosed. Social Security numbers and student identification numbers are not included in the category of 'directory information' and may never be released without written permission.

Schools must notify parents and eligible students annually of their rights under FERPA.

Related glossary terms: RSA algorithm, data key, greynet (or graynet), spam cocktail (or anti-spam cocktail), fingerscanning (fingerprint scanning), munging, insider threat, authentication server, defense in depth, nonrepudiation / non-repudiation

[Category=Data Management ]

Source:, 09 August 2013 09:37:01, External

Data Quality Glossary.  A free resource from GRC Data Intelligence. For comments, questions or feedback: