1 / 28

January 25, 2012 EDUCAUSE Webinar

“We’re From the Government and We’re Here to Help You” Privacy Initiatives at the U.S. Department of Education. January 25, 2012 EDUCAUSE Webinar. Kathleen M. Styles, Chief Privacy Officer Michael B. Hawes, Statistical Privacy Advisor. Presentation Overview.

seth-hughes
Download Presentation

January 25, 2012 EDUCAUSE Webinar

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “We’re From the Government and We’re Here to Help You”Privacy Initiatives at the U.S. Department of Education January 25, 2012EDUCAUSE Webinar Kathleen M. Styles, Chief Privacy Officer Michael B. Hawes, Statistical Privacy Advisor

  2. Presentation Overview • Overview of changes to FERPA regulations • Privacy initiatives at ED • Priorities for 2012 • Interactive polls throughout

  3. POLL #1 We’re presuming most of you are in the postsecondary community. Which part of the postsecondary community do you work in specifically? • IT • Registrar/Administration/Admissions • Faculty • Other postsecondary role • Your assumption is wrong! I’m not part of the postsecondary community

  4. Background: Student Privacy • FERPA enacted 1974 • Move to electronic records • State longitudinal databases • 2009 Fordham report • New risks and vulnerabilities

  5. Breaches by Educational Institutions All varieties: hacking, loss of portable device, unintentional, insider breach, etc. Source: Privacy Rights Clearinghouse

  6. Our Favorite FERPA Quote Received in an email: “You know how sometimes FERPA can tie your brain in a knot trying to think through it all?” 

  7. Poll #2 Question: Which answer best characterizes your prior experience with FERPA? • I’m a pro! I work with the statute and regs all the time • I work with FERPA, but find it confusing • I know what FERPA is, but don’t work with it often • FERPA? What’s FERPA?

  8. FERPA & Postsecondary Ed • FERPA Basics • Health and safety emergencies • Intersection with state and local laws

  9. Early 2011 – ED Privacy Initiatives Begin • FERPA Notice of Proposed Rulemaking • Best Practices -- NCES Technical Briefs • Privacy Technical Assistance Center (PTAC) • Chief Privacy Officer

  10. Late 2011: Building on Progress • Regulatory changes • PTAC best practice documents • Privacy Advisory Committee • Soliciting input

  11. FERPA Regulatory Changes • 274 Comments received • Final FERPA regulatory changes • December 2, 2011 Federal Register • Effective January 3, 2012 • The new regulations serve to: • Strengthen enforcement • Help ensure student privacy • Improve program effectiveness

  12. New Definitions for Audits and Evaluations • Authorized Representative • Any entity or individual designated by a State or local educational authority or an agency headed by an official… to conduct—with respect to Federal- or State-supported education programs—any audit or evaluation, or any compliance or enforcement activity in connection with Federal legal requirements that relate to these programs (FERPA regulations, § 99.3). • Education Program • Any program principally engaged in the provision of education, including, but not limited to, early childhood education, elementary and secondary education, postsecondary education, special education, job training, career and technical education, and adult education, and any program that is administered by an educational agency or institution (FERPA regulations § 99.3).

  13. FERPA Regulatory Changes – Audit and Evaluation • Authorized Representative • Written Agreements • Reasonable Methods • “Guidance on Reasonable Methods and Written Agreements”

  14. FERPA Regulatory Changes – Studies Exception • State educational authorities acting on behalf of their constituent schools • Requirement for written agreements

  15. POLL – Directory Information • Does your institution currently have a directory information policy? • Yes, we have a directory information policy • Sort-of. We have a policy, but it could use improvement • No, we don’t have a directory information policy • Directory information? What’s that?

  16. FERPA Regulatory Changes – Directory Information • ID badges • Limited directory information

  17. POLL – FERPA and Directory Information • In light of the recent FERPA reg changes, do you think your institution will change its directory information policy? • Yes • Maybe • No • We don’t have a policy

  18. FERPA Regulatory Changes - Enforcement • Enforcement against entities without students • 5 year ban

  19. Priorities for 2012 • Guidance and Best Practices • Inter-Agency Collaboration • Publishing Data While Protecting PII

  20. Guidance! PTAC Initiatives • Move to CPO Office • Expansion to LEAs • Coordination with FPCO • Site visits and regional meetings • Helping organizations come into compliance Guidance Documents and Training Resources Case studies

  21. Best Practices and Guidance Resources • Guidance on Reasonable Methods and Written Agreements • Data Stewardship: Managing Personally Identifiable Information in Electronic Student Education Records • Basic Concepts and Definitions for Privacy and Confidentiality in Student Education Records • Responding to IT Security Audits: Improving Data Security Practices • Data Security: Top Threats to Data Protection • Data Security Checklist • Data Governance and Stewardship • Data Governance Checklist • Data Security and Management Training: Best Practice Considerations

  22. Inter-Agency Collaboration • Agriculture: Free and reduced price lunch data • Federal Trade Commission: Child ID theft • Health and Human Services: Early Childhood programs • Department of Justice: Patriot Act amendments to FERPA

  23. Data Release Policy • Utility vs. privacy in data tables • Disclosure avoidance in an information-rich world • A need for more uniformity and rigor • Strong public interest • Data Release Working Group

  24. Unsettled Questions • Cloud Computing • Video Recordings • Email

  25. Privacy AND Transparency • Culture of confidentiality • Maintaining transparency

  26. Have Questions? • Privacy Technical Assistance Center • Telephone: (855) 249-3072 • Email: privacyTA@ed.gov • FAX: (855) 249-3073 • Website: www.ed.gov/ptac Family Policy Compliance Office Telephone: (202) 260-3887 Email: FERPA@ed.gov FAX: (202) 260-9001 • Website: www.ed.gov/fpco

  27. Contact Information

  28. Poll - Feedback Question: How helpful did you find today’s webinar? • Very helpful! • Somewhat helpful. • Not at all helpful.

More Related