ERIC Digest Article
I found and read an old Eric Digest article about privacy and security of college student records which I thought might be an interesting topic to analyze. As education centers such as colleges and Universities increasingly collect, store and manage student records digitally, many of these educational institutions are having difficulties with protecting the students’ personal records technically, legally and operationally. There have been numerous reports of hackers breaking into college websites to steal student personal records, modify grades and other records, as well as illegally view student records. Many colleges have established security ownership and policies to comply with the Family Educational Rights and Privacy Act (FERPA) of 1974, also known as the Buckley Amendment, which provides legal guidelines regarding the privacy of student records. However, changing technologies and the new law, the US Patriot Act, which amends some provisions of FERPA, force colleges to reexamine how they can protect student records. We will briefly discuss in this article these legal provisions and how some colleges are complying with these laws while improving the security of student digital records.
Before we get into the topic of student record privacy and security, I’d like to briefly discuss Education Resources Information Center or ERIC which was funded by the Office of Educational Research and Improvement or OERI of the Department of Education (ED). The Center had previously established the ERIC Clearinghouse system to produce and distribute ERIC Digest articles which were reviewed by experts in the education field. Although the ERIC Clearinghouse was eliminated in 2003, the valuable articles continue to be readily available through the Internet. ERIC Digest articles are typically about 1000 words and focus on topics related to education such as teaching, home schooling and special education.
As mentioned, there are certain laws that affect the way student records must be managed in the United States which spell out the rights of students and responsibilities of educational institutions. For example, FERPA requires:
1- the right of students to inspect their records,
2- parents or students can request a correction of erroneous student records are found,
3- schools must have written permissions for disclosing records but can also disclose without permission to some parties, and
4- parents and students must have sufficient opportunity to opt out of school directory which may also be disclosed.
On the other hand, the US Patriot Act requires school monitoring and disclosure of foreign student records to law enforcements which could potentially have privacy invasion consequences if requests are invalid.
In conclusion, this ERIC Digest article suggested that colleges and universities must implement policies, procedures and checklists to strictly comply with the laws while securing student records and maintaining the privacy of their student information. In particular electronic information and communication must be secured to allow only authorized access.
Read about other identity theft laws after this ERIC Digest article.