How to Protect Against FERPA Violations in Email Communications


Thought Leadership

How to Protect Against FERPA Violations in Email Communications

Zix Staff

It happens. A staff member accidently sends sensitive student information in an email or attachment. Despite awareness training and best intentions, people often forget to protect sensitive information in emails they send or are simply not aware of protection requirements. The Family Educational Rights and Privacy Act (FERPA), reinforced by state regulations, necessitate educational institutions and agencies to protect student education records, as well as student sensitive information. Non-compliance puts organizations at risk for legal liabilities, financial loss, and other negative consequences. Automatic scanning and policy-based email encryption prevents mistakes and diminishes your organizational risk.

What is FERPA?

FERPA is a federal law that protects the privacy interest of students. The term “educational records” is defined as all records, files, documents and other materials containing information directly related to a student, including electronic or computer files. In addition, health records pertaining to services provided under the Individuals with Disabilities Education Act (IDEA) are also considered educational records under FERPA, subject to confidentially provisions. It is impossible to depend on individual staff members to remember all the terms and security requirements that must be adhered to maintain FERPA compliance when sending any sensitive information in a student’s educational record via email.  

Removing the dependency on manual intervention and decision making are key. Automatic scanning and policy-based email encryption prevents employee mistakes, relieves burden of when and when not to use encryption and maintains normal email exchanges with third-parties.

How does Zix help?

Zix develops and maintains a comprehensive set of filters that search emails and attachments for sensitive information, including but not limited to the disclosure of personally identifiable information (PII) under FERPA, protected health information (PHI) as defined by the Health Insurance Portability and Accounting Act (HIPAA), state regulations and authoritative academic reference sources. If sensitive data is identified, Zix automatically encrypts email and uses our patented Best Method of Delivery to ensure all recipients receive encrypted email in the most secure and easiest manner possible. We take out the people dependency to protect your organization and students. 

For additional information about our automatic scanning, FERPA specific content filtering and all of our out-of-the-box policy filters, register today for a demo. See the power of automation in action.