Main Nav

The Department of Education has just released final regulations amending the Family Educational Rights and Privacy Act (FERPA). From their site: “The changes to the FERPA regulations will have the important effect of improving access to data. Improved access to data will facilitate States’ ability to evaluate education programs, ensure limited resources are invested effectively, build upon what works and discard what does not, increase accountability and transparency, and contribute to a culture of innovation and continuous improvement in education.”


For more information, visit: The site also includes two overview documents: one for state educational agencies (SEAs) and local educational agencies (LEAs), and a second for parents and students. The regulations (including a summary) are available at:



Karen A. Wetzel

Program Manager, EDUCAUSE

1150 18th Street NW, Washington, DC 20036

202-872-4200 (main) / 202-331-5346 (direct)
202-872-4318 (fax)


Get the latest news on higher education IT policy issues and regulations.
Subscribe to EDUCAUSE Policy Digest.


********** Visit the EDUCAUSE Policy website at




Thanks  for sending this.  Unfortunately, the “summary” doesn’t seem to be a summary of the changes at all, but just a statement of the intent behind the changes.  If an actual summary of the changes to the regulations comes along, it would be very useful (as opposed to plowing through a 253 page pdf).  AACRAO has expressed disappointment with the changes and promises a more in depth analysis in the coming week.  AACRAO’s immediate statement is at


I realize this is a brand new announcement, so it may take a while before summaries of the changes start circulating..  There could be some important implications for IT in the changes.  Did Educause take a position on the revisions? 


Tom Franke

University System of New Hampshire


Hi, Tom – Yes, EDUCAUSE did submit comments on the then-proposed FERPA changes, largely highlighting concerns about the relevant privacy and security issues and recommending steps to address them drawn from the work of the Higher Education Information Security Council (HEISC). Please see:


We also met directly with the U.S. Department of Education  (ED) chief privacy officer, Kathleen Styles, in June; while the focus of that conversation was bringing her up-to-speed on the work of our privacy and security community in general, we also referenced the official comments we submitted on the FERPA process and reinforced the concerns they addressed. We had a subsequent meeting with the ED chief information officer, chief information security officer, and Styles; again, the overall focus of that conversation was on facilitating information-sharing on IT issues with the department in general, but it gave us another opportunity for informal discussion with Styles on the status of the FERPA process. – Jarret


Jarret S. Cummings

Policy Specialist






Hi Tom,


Just to add – we’ll keep a look out for a summary of the changes and make sure to pass that along, too.