One Step Ahead
September 18, 2012,
Volume 59, No. 04
Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.
Student Privacy–What Do I Need To Know?
A FERPA Reminder
For starters, you should know about FERPA, the Family Education Rights and Privacy Act. FERPA is a federal law that provides certain rights to students and imposes certain obligations on University faculty and staff—all regarding the privacy of “education records,” or student record information.
Let’s take a few common “do’s” and “don’ts”:
- You may share student records with Penn officials with “legitimate educational interests”—i.e., where the information would be helpful in the performance of official duties. In many other situations, student records may not be shared without the student’s consent. This very important provision allows Penn faculty and staff to access the student information they need to perform their jobs.
- In general, you may not share student records with parents or guardians. There are some exceptions though, such as where the student provides written consent.
- You may not leave graded exams or papers outside a door for a student to pick up. They must be delivered directly to the student—physically or electronically.
- You may not post student grades with any identifying information such as name, Penn ID, or initials.
Consult the Student Records System (SRS) or Advisor in Touch to determine if a student has consented to sharing his or her information with parents or others. You can also ask students to set their privacy choices electronically in the Penn Portal or via a paper consent form.
Visit the Penn’s Privacy website’s (www.upenn.edu/privacy) FERPA page and check out the Frequently Asked Questions resource, Penn’s Policy on Confidentiality of Student Records and more.
Questions about student privacy can be addressed to email@example.com
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/