What are some of the key provisions of The Family Educational and Privacy Rights Act (FERPA) of 1974 as they relate to data at rest?
45 CFR § 1303.20 Establishing Procedures
A program must establish procedures to protect the confidentiality of any personally identifiable information (PII) in child records.
45 CFR § 1303.24 Maintaining Records
(a) A program must maintain child records in a manner that ensures only parents, and officials within the program or acting on behalf of the program have access, and such records must be destroyed within a reasonable timeframe after such records are no longer needed or required to be maintained.
This suggests the need for software capable of finding and classifying, de-identifying or removing, and auditing changes to student records that are maintained by educational institutions, and the entities serving them. All of these features are in the affordable IRI FieldShield, CellShield EE, and DarkShield data masking products, or the comprehensive IRI Voracity data management platform which includes them.
PII can also include indirect information in a record, or "quasi-identifiers" which can also be used with or without uniquely-identifying information to nevertheless identify a student. Consider e-g in the list below:
As enforced under 20 U.S. Code § 1232g and defined under 34 CFR § 99.3, PII includes, but is not limited to:
- (a) The student's name;
- (b) The name of the student's parents or other family members;
- (c) The address of the student or the student's family;
- (d) A personal identifier, such as the student's social security number, student number, or biometric record;
- (e) Other indirect identifiers, such as the student's date of birth, place of birth, and mother's maiden name;
- (f) Other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty; or
- (g) Information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates.
The Re-ID Risk Scoring wizard included in IRI's static data masking software exploits peer-reviewed algorithms to determine and measure the risk of re-identification based on the distinction and separation attributes of one or more quasi-identifiers in a student record. So long as the data set is in a flat file (e.g., CSV) or JDBC-connected data source (e.g., SQL Server table), it will work.
These capabilities can also help data recipients and other authorized third parties comply with the Protection of Pupil Rights Amendment (PPRA) and the Student Privacy provisions (Section 1061) of the No Child Left Behind Act. Those data users can leverage the risk determination report results to further generalize (anonymize) the riskier quasi-idenifiers in ways that retain the utility of that data.