Earlier this year, the U.S. Department of Health and Human Services and the U.S. Department of Education released joint guidance on when the Health Insurance Portability and Accountability Act (HIPAA) and the Family Educational Rights and Privacy Act (FERPA) apply to schools, colleges and healthcare facilities, where FERPA and HIPAA intersect, and what student educational and health records can be shared and under what circumstances.
Last month, Campus Safety hosted a webinar, led by security consultant and emergency preparedness expert Gary Sigrist, to dive deeper into the topic. Gary discussed what is allowed under FERPA — particularly as it relates to directory information and education records — in order to help campuses reduce liability and avoid possible fines and lawsuits.
Directory information is student data that would generally not be considered harmful or an invasion of privacy if given out, such as a student’s name, address, phone number, date of birth, and participation in school sports or activities. Under FERPA, schools must tell parents and eligible students annually what is included in directory information and give them a reasonable amount of time to request that the school not disclose some or all of their directory information.
Education records are records directly related to a student that are maintained by an educational agency or institution. These records can include grades, student discipline files, transcripts, class lists, class schedules, health records and financial information, among other things.
Amy Rock Editorial, LLC 