150 likes | 287 Views
HIPAA Vs. Family Educational Rights and Privacy Act (FERPA). How do these laws impact Educational Settings?. The Family Educational Rights and Privacy Act. Huh???????? I am one confused monkey!. What is it?.
E N D
HIPAA Vs. Family Educational Rights and Privacy Act (FERPA) How do these laws impact Educational Settings?
The Family Educational Rights and Privacy Act Huh???????? I am one confused monkey!
What is it? • FERPA established laws to protect the educational records of individuals and includes several provisional areas. It applies to all federally funded education settings that collect, maintain, and distribute educational information about students. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
Provision #1 • Parents or eligible students have the right to inspect and review the student's education records maintained by the school. Schools are not required to provide copies of records unless, for reasons such as great distance, it is impossible for parents or eligible students to review the records. Schools may charge a fee for copies. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
Provision #2 • Parents or eligible students have the right to request that a school correct records which they believe to be inaccurate or misleading. If the school decides not to amend the record, the parent or eligible student then has the right to a formal hearing. After the hearing, if the school still decides not to amend the record, the parent or eligible student has the right to place a statement with the record setting forth his or her view about the contested information. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
Provision # 3 • Generally, schools must have written permission from the parent or eligible student in order to release any information from a student's education record. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
However disclosure is allowed under these circumstances…. • School officials with educational interest • Other transferring schools • Audit officials and evaluation purposes • Financial aid representatives • Studies on behalf of the school • Accrediting organizations • Under judicial order or subpoena • Officials in cases of health and safety emergencies • Juvenile justice system authorities http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
What else was added? • Also in the amended version of this law, at the age of 18, the student has the right to request review of their own records and take over the responsibilities of guardianship. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
What information is exempt from the FERPA law? • Schools may disclose, without consent, "directory" information such as a student's name, address, telephone number, date and place of birth, honors and awards, and dates of attendance. • However, schools must tell parents and eligible students about directory information and allow parents and eligible students a reasonable amount of time to request that the school not disclose directory information about them. • Schools must notify parents and eligible students annually of their rights under FERPA. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
HIPAA is the federal law that protects the health care information of all American's. Its provisions ensure the privacy rights and confidentiality of health care information. • It protects health care information that is stored, maintained, and distributed by public service agencies; including technological and electronic exchanges. • It encompasses health conditions, mental health, treatments and billing information. http://education.state.mn.us/mdeprod/groups/SpecialEd/documents/Presentation/000708.pdf
Penalties Effective April 14, 2003 • $100 per violation for noncompliance unknowingly. • Up to $250,000 fine and 10 years in jail for knowingly misusing health care information. • When federal and state laws conflict, the more stringent of the two laws apply. § 160.103
In a nutshell this is the conundrum… • Educational records ARE exempt of the HIPAA law, instead they are covered by The Family Educational Rights and Privacy Act. • Educational information is accessed and disclosed only by agency authorities with an educational interest in these clients and generally released only with a consent. • Educational settings are NOT exempt due to the health care information they store, collect, maintain, refer or transmit in any form (oral, media, or electronic). • Health care information is accessed and disclosed only by agency authorities working for the health care of these clients and released only through specific consent requirements. MDE
So what are our responsibilities under HIPAA? • Limit disclosure to, “need to know basis” within job description. • Separate files for educational and health care data. • Store educational and health care information in separate lock boxes, accessible only to those with authority. • Record signatures of individuals who have accessed a file and the reasons for that access. • Information that is stored electronically should contain unique passwords known only to the authorities of that information. • DO NOT disclose personally identifiable information of any client within an email or oral communication related to health or educational data. MDE