FERPA & Technology
FERPA (the Family Educational Rights Privacy Act) affords students certain rights with respect to their education records.
What is an Education Record?
Content that identifies students, or content that students create, constitutes an education record and thus FERPA regulations apply; those regulations require that the university protect the content from disclosure. One exception to the regulations is student consent.
FERPA & Technology
Many instructors are aware of FERPA but may not think of it when it comes to technology. Be mindful that Cornell has contracts with a number of vendors whose services are approved for the use of education records. Canvas, Turnitin, Digication, and LabArchives are all examples of approved services.
Some common examples of technology use that violate FERPA include:
- Uploading a class roster to a non-approved cloud service; for example, SurveyMonkey.
- Uploading student information or student work to a non-approved cloud service such as Google Docs.
- Recording students in the classroom and keeping the video online and open to the public, without their permission.
- Adding a non-course affiliated user as Instructor or TA to a Canvas course in order to browse materials.
Course Media & Student Work
You may post original student work openly on the Internet provided you obtain student consent and provide an opt-out opportunity for individual students. For additional guidelines on ensuring that your content is FERPA compliant, see the FERPA Course Guidelines established by University Counsel. University Relations has created a form that provides a good example of how to request student consent for photography/videography.
What to Do if You Aren’t Sure
Cornell’s Regulated Data Chart contains a list of cloud services that are approved for FERPA-regulated data.
Please email CTI with any questions.
- Cornell’s FERPA policy
- Cornell’s Regulated Data Chart
- Information About Enterprise and Consumer Cloud Services at Cornell