The Family Educational Rights and Privacy Act (FERPA) is a US federal law that protects the privacy of students’ education records, including personally identifiable and directory information. FERPA was enacted to ensure that parents and students age 18 and older can access those records, request changes to them, and control the disclosure of information, except in specific and limited cases where FERPA allows for disclosure without consent.

The law applies to schools, school districts, and any other institution that receives funding from the US Department of Education—that is, virtually all public K–12 schools and school districts, as well as most post-secondary institutions, both public and private.

Security is central to compliance with FERPA, which requires the protection of student information from unauthorized disclosures. Educational institutions that use cloud computing need contractual reassurances that a technology vendor will manage sensitive student data appropriately.

Ducara is an expert in helping institutions of higher education achieve compliance with FERPA and other regulations.

Our approach focuses on helping institutions improve their security posture while achieving and maintaining compliance with federal and state mandates. For this reason, Ducara is a trusted resource among educators and non-profits. Our network penetration services uncover weaknesses and allow institutions to scrutinize their policies without hindrance, enabling security in complex environments.