What is a significant rule?
Significant regulatory action is a term used to describe an agency rule that has had or might have a large impact on the economy, environment, public health, or state or local governments. These actions may also conflict with other rules or presidential priorities. As part of its role in the regulatory review process, the Office of Information and Regulatory Affairs (OIRA) determines which rules meet this definition.
The Family Educational Rights and Privacy rule is a significant rule issued by the U.S. Department of Education effective January 3, 2012, that amended department regulations concerning the confidentiality of student records. The rule implemented amendments to the Family Educational Rights and Privacy Act (FERPA) to continue protections of education records while allowing for the use of student data.[1]
HIGHLIGHTS
Name: Family Educational Rights and Privacy
Agency: Office of Management, Department of Education
Type of significant rule: Economically significant rule
Timeline
The following timeline details key rulemaking activity:
Background
President Gerald Ford signed the Family Educational Rights and Privacy Act (FERPA) into law in 1974 to protect the confidentiality of student records. The law was sponsored by then-U.S. Senator James Buckley (R) as an amendment to extend the Elementary and Secondary Education Act of 1965. The law grants students the right to review their education records and prohibits institutions from disclosing education records without written consent from the student or the student's parents (for children under the age of 18). There are exceptions to FERPA, including the release of records to education officials or other institutions.[3]
The Bush administration issued amendments to FERPA in 2008 in an effort to align the law with the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) and two U.S. Supreme Court case decisions.[4]
The American Recovery and Reinvestment Act (ARRA), signed into law by President Barack Obama (D) on February 17, 2009, directed states to develop statewide longitudinal data systems (SLDS). States were required to have SLDS in order to qualify for funding under the America Creating Opportunities to Meaningfully Promote Excellence in Technology, Education, and Science (COMPETES) Act. The COMPETES Act required states to include the following information in SLDS for public preschool through grade 12 students:[2]
“(a) Yearly test records of individual students with respect to assessments under section 1111(b) of the Elementary and Secondary Education Act of 1965, as amended (20 U.S.C. 6311(b)); (b) information on students not tested by grade and subject; (c) a teacher identifier system with the ability to match teachers to students; (d) student-level transcript information, including information on courses completed and grades earned; and (e) student-level college readiness test scores.”[2][5]
In response to the requirements outlined in the COMPETES Act, the Department of Education reviewed the FERPA regulations to determine their impact on SLDS. The department issued proposed regulations on April 8, 2011, in an effort to align FERPA regulations with the ARRA and the COMPETES Act.[2]
Summary of the rule
The following is a summary of the rule from the rule's entry in the Federal Register:
“The Secretary of Education (Secretary) amends the regulations implementing section 444 of the General Education Provisions Act (GEPA), which is commonly referred to as the Family Educational Rights and Privacy Act (FERPA). These amendments are needed to ensure that the U.S. Department of Education (Department or we) continues to implement FERPA in a way that protects the privacy of education records while allowing for the effective use of data. Improved access to data will facilitate States' ability to evaluate education programs, to ensure limited resources are invested effectively, to build upon what works and discard what does not, to increase accountability and transparency, and to contribute to a culture of innovation and continuous improvement in education. The use of data is vital to ensuring the best education for our children. However, the benefits of using student data must always be balanced with the need to protect student privacy. Protecting student privacy helps achieve a number of important goals, including avoiding discrimination, identity theft, as well as other malicious and damaging criminal acts.”[1][5]
Summary of provisions
The following is a summary of the provisions from the final rule's entry in the Federal Register:[1]
“In the NPRM, we proposed regulations to:
- Amend § 99.3 to define the term “authorized representative” to include individuals or entities designated by FERPA-permitted entities to carry out an audit or evaluation of Federal- or State-supported education programs, or for the enforcement of or compliance with Federal legal requirements related to these programs (audit, evaluation, or enforcement or compliance activity);
- Amend the definition of “directory information” in § 99.3 to clarify that a unique student identification (ID) number may be designated as directory information for the purposes of display on a student ID card or badge if the unique student ID number cannot be used to gain access to education records except when used in conjunction with one or more factors that authenticate the user's identity, such as a Personal Identification Number, password, or other factor known or possessed only by the authorized user;
- Amend § 99.3 to define the term “education program” as any program principally engaged in the provision of education, including, but not limited to, early childhood education, elementary and secondary education, postsecondary education, special education, job training, career and technical education, and adult education;
- Amend § 99.31(a)(6) to clarify that FERPA-permitted entities are not prevented from redisclosing PII from education records as part of agreements with researchers to conduct studies for, or on behalf of, educational agencies and institutions;
- Remove the provision in § 99.35(a)(2) that required that any FERPA-permitted entity must have legal authority under other Federal, State, or local law to conduct an audit, evaluation, or enforcement or compliance activity;
- Amend § 99.35(a)(2) to provide that FERPA-permitted entities are responsible for using reasonable methods to ensure that their authorized representatives comply with FERPA;
- Add a new § 99.35(a)(3) to require that FERPA-permitted entities must use a written agreement to designate an authorized representative (other than an employee) under the provisions in §§ 99.31(a)(3) and 99.35 that allow the authorized representative access to PII from education records without prior written consent in connection with any audit, evaluation, or enforcement or compliance activity;
- Add a new § 99.35(d) to clarify that in the event that the Department's Family Policy Compliance Office (FPCO or Office) finds an improper redisclosure in the context of §§ 99.31(a)(3) and 99.35 (the audit or evaluation exception), the Department would prohibit the educational agency or institution from which the PII originated from permitting the party responsible for the improper disclosure (i.e., the authorized representative, or the FERPA-permitted entities, or both) access to PII from education records for a period of not less than five years (five-year rule);
- Amend § 99.37(c) to clarify that while parents or eligible students (students who have reached 18 years of age or are attending a postsecondary institution at any age) may opt out of the disclosure of directory information, this opt out does not prevent an educational agency or institution from requiring a student to wear, display, or disclose a student ID card or badge that exhibits directory information;
- Amend § 99.37(d) to clarify that educational agencies or institutions may develop policies that allow the disclosure of directory information only to specific parties, for specific purposes, or both; and
- Add § 99.60(a)(2) to authorize the Secretary to take appropriate actions to enforce FERPA against any entity that receives funds under any program administered by the Secretary, including funds provided by grant, cooperative agreement, contract, subgrant, or subcontract.”[5]
The following provisions were also included in the final rule's entry:[1]
“These final regulations contain the following substantive changes from the NPRM:
- In § 99.3, we have defined the term “early education program” as that term is used in the definition of education program. The definition is based on the definition of “early childhood education program” in section 103(8) of the Higher Education Act of 1965, as amended (HEA) (20 U.S.C. 1003(8));
- We have made changes to the definition of “education program” in § 99.3 to clarify that any program administered by an educational agency or institution is considered an education program; and
- We have modified the written agreement requirement in § 99.35(a)(3) to require that the agreement specify how the work falls within the exception of § 99.31(a)(3), including a description of the PII from education records that will be disclosed, and how the PII from education records will be used.
We have also made the following minor or non-substantive changes from the NPRM:
- We have made minor editorial changes to the definition of “authorized representative” in § 99.3 to ensure greater consistency between the language in that definition and the language in § 99.35(a)(1);
- We have removed language from §§ 99.31(a)(6)(iii)(C)(4) and 99.35(a)(3)(iii) and (a)(3)(iv) that permitted an organization conducting a study or an authorized representative to return PII from education records to the FERPA-permitted entity from which the PII originated, in lieu of destroying such information. We made these changes to more closely align the regulatory language with the statute and to ensure that the PII from education records is destroyed as required by the statute;
- We have made changes to § 99.35(a)(2) to clarify that the FERPA-permitted entity from which the PII originated is responsible for using reasonable methods to ensure to the greatest extent practicable that any entity or individual designated as its authorized representative complies with FERPA requirements;
- We have made editorial changes to § 99.35(a)(2) so the language in that section is more consistent with the language in § 99.35(a)(1) regarding the requirements for an audit, evaluation, or enforcement or compliance activity;
- We have clarified in § 99.35(a)(3)(v) that the required written agreement must establish policies and procedures to protect PII from education records from further disclosure, including by limiting use of PII to only authorized representatives with legitimate interests in the audit, evaluation, or enforcement or compliance activity;
- We have revised § 99.35(b)(1) to refer to a State or local educational authority or agency headed by an official listed in § 99.31(a)(3) rather than “authority” or “agency”, to ensure consistency with the language used in § 99.35(a)(2) and (a)(3);
- We have consolidated all regulatory provisions related to prohibiting an educational agency or institution from disclosing PII from education records to a third party outside of an educational agency or institution for at least five years (five-year rule) and moved them to subpart E of part 99 (What are the Enforcement Procedures?). Specifically, we—
  - Included in § 99.67(c) language from current § 99.31(a)(6)(iv) concerning the application of the five-year rule when the Department determines that a third party outside the educational agency or institution fails to destroy PII from education records after the information is no longer needed for the study for which it was disclosed;
  - Clarified in § 99.67(d) that, in the context of the audit or evaluation exception, the five-year rule applies to any FERPA-permitted entity or its authorized representative if the Department determines that either party improperly redisclosed PII from education records; and
  - Moved to § 99.67(e) the language from current § 99.33(e) concerning the application of the five-year rule when the Department determines that a third party outside the educational agency or institution improperly rediscloses PII from education records in violation of § 99.33 or fails to provide the notification required under § 99.33(b)(2);
- Throughout subpart E of part 99 (§§ 99.60 through 99.67), we have revised the language regarding enforcement procedures to clarify that the Secretary may investigate, process, and review complaints and violations of FERPA against an educational agency or institution or against any other recipient of Department funds under a program administered by the Secretary. This marks a change from the current provisions, which refer only to the Department's enforcement procedures against “educational agencies and institutions,” which are defined in § 99.3 as any public or private agency or institution to which part 99 applies under § 99.1(a). Section 99.1 describes FERPA as applying to an educational agency or institution to which funds have been made available under any program administered by the Secretary if (1) The educational institution provides educational services or instruction, or both, to students; or (2) the educational agency is authorized to direct and control public elementary or secondary, or postsecondary educational institutions; and
- Throughout subpart E of part 99 (§§ 99.60 through 99.67), we have clarified the procedures that the Office will follow to investigate, review, process, and enforce the five-year rule against third parties outside of the educational agency or institution.”[5]
Significant impact
- See also: Significant regulatory action
The Office of Management and Budget (OMB) deemed this rule economically significant pursuant to Executive Order 12866. An agency rule can be deemed a significant rule if it has had or might have a large impact on the economy, environment, public health, or state or local governments. The term was defined by E.O. 12866, which was issued in 1993 by President Bill Clinton.[1]
Text of the rule
The full text of the rule is available below:[1]
1. Federal Register, "Family Educational Rights and Privacy," December 2, 2011
2. Federal Register, "Family Educational Rights and Privacy," April 8, 2011
3. Electronic Privacy Information Center, "Family Educational Rights and Privacy Act (FERPA)," accessed February 9, 2023
4. Federal Register, "Family Educational Rights and Privacy," December 9, 2008
5. Note: This text is quoted verbatim from the original source. Any inconsistencies are attributable to the original source.