FERPA (Family Educational Rights and Privacy Act) is a federal law created to protect the privacy of student educational records and provide students with the right to inspect and review their own educational records. Educational records that are kept, transferred, received, etc., must be protected from unauthorized access, cyber threats, and other hazards.
Covered entities under FERPA provide educational services as an educational institution agency that receives Federal funds or are a service provider to educational institutions must follow set regulations and restrictions to ensure the security and privacy of student records.
A FERPA Audit done by a third-party who is an expert in the necessary requirements and rules that fall under FERPA can ensure compliance and security of important data. Partnering with Varsity Technologies to conduct an audit will guarantee the confidentiality of your student records, the prevention of any compliants and loss of governmental funding, and ensure records are properly being made available to authorized students.
What is Included in a FERPA Audit?
Varsity’s FERPA focused tools and resources will streamline the audit process and limit the amount of confusing and complex compliance endeavours. We will provide precise and detailed reports that outline our findings as well as any required or recommended next steps.
The Audit process may involve:
- Scoping the institution to pinpoint which procedures are needed as part of the audit;
- Working with the registrar’s office and other offices that may be involved in compliance to ensure complete transparency and communication.
- Off-site and onsite audit procedures as would be taken of done as part of a Federal audit process;
- Ensuring all records are being properly kept for the timelines set out within FERPA and that students and authorized personnel can access data quickly and efficiently. This may involve aiding in creating a records retention plan;
- Delivery of a report outlining all findings, compliance, weaknesses, and next steps.
- Ensuring education institutions have complete security protocols place to ensure the safety of all records. Is proper maintenance being taken? Are newer record storage softwares, such as use of the Cloud, having proper security controls set in place?
- Analyzing roles and responsibilities of those related to security within the organization or educational institution.
- Assuring proper training and policies are taking place and that proper best practices are being met. Is their mandatory training in place for those with access to student records?
- Reviewing and implementing proper accountability measures if needed, such as keeping records of sign outs of files, each person with access has their own password and username instead of sharing one universal login.
Why is it Important to Conduct a FERPA Audit?
As an educational organization, you hold a responsibility to ensure the security of your students’ records and sensitive information. A FERPA Audit ensures complete compliance with all FERPA regulations so that you can identify and solve and vulnerabilities and prove to your clients, students, and all stakeholders that you take security and confidentiality seriously.
Many organizations may not even be aware that they are in violation of FERPA regulations. This is why a third-party auditor such as Varsity can quickly catch issues that may often be overlooked or unintentionally disregarded by educational staff. Some examples of possible FERPA violations that may accidentally occur at an educational institution include:
- Including social security numbers on student information lists sent to professors and staff;
- Emailing protected information to class attendees as part of a class list;
- Publicly providing students’ academic information as part of a profile or write-up done on their athletic or other achievements;
- Posting grade lists — even if it is up on a bulletin board within the school setting;
- Denying access to student information by students or parents of students under 18 years of age.
Often the systems and networks of an organization itself may be in violation of specific security protocols. Having a strong IT infrastructure can ensure that all measures are being taken to protect your students’ personal information and educational records. Our server management systems and other tools, resources, and capabilities make it simpler to remain compliant with FERPA regulations.
Why Choose Varsity Technologies For Your FERPA Audit?
Varsity Tech is committed to helping your educational organization or institution protect its students’ records ad information. We believe there are no shortcuts to proper cyber security and our team of experts and dedicated professionals will provide your institution with the right strategy for compliance with FERPA as well as maximizing the security of all of your records.
Our certified Information Technology (IT) experts located in Los Angeles, San Francisco, and across California are knowledgeable in the modern educational setting and can easily work with more in-house and Cloud-based storage software to assure complete security. Our entire staff is friendly and approachable and available for questions extended hours of the day and to act on emergency situations at any time of the day or night.