FERPA Audit

FERPA stands for the Family Educational Rights and Privacy Act, which is a federal law designed to protect the privacy of student educational records and guarantee the rights of students to inspect and review their education-related records. Educational institutions are required to store educational records according to the standards promulgated by FERPA and may be audited by the U.S. Department of Education to assure compliance with the standards.

FERPA applies to all institutions that receive funds under a relevant program of the U.S. Department of Education. In most cases, the registrar’s office, Legal Affairs or Academic Affairs department of the institution will be responsible for FERPA compliance or a FERPA audit.

In terms of auditing standards, FERPA does not set forth specific audit log requirements, but institutions are required maintain logs of who has authorized access to records, records must also be stored securely to prevent unauthorized access, and records should be destroyed when they are no longer legally required to be stored.

In practical terms, this means all educational institutions need carefully thought-out security and privacy policies and technologies, as well as robust, secure IT infrastructure to instantiate these policies and technologies.

Application and server management leader Idera’s SQL Compliance Manager makes FERPA (or HIPAA, SOX or PCI) a snap!

SQL Compliance Manager provides an easy-to-use wizard to add compliance regulations to your audited SQL server objects preset auditing settings. The wizard allows you to install regulations designed to help you comply with more than 16 different regulatory citations.