The Family Educational Rights and Privacy Act sets forth requirements regarding
the privacy of student records and
affords students certain rights with respect to their education records.
Education records are specified as records that are directly related to a student that include any information in any medium.
• Social security number
• Admissions information
• Biographical information
• Grades, test scores, and GPA
• Coursework including papers
• Disciplinary records.
• Student financial and financial
• Internship or study abroad
Top 5 Reasons to Undertake Risk Analysis and Risk Management:
1. Avoid security incidents
and /or breaches.
2. Ensure that high priority risks are
aggressively managed and that all
risks are cost-effectively managed
throughout the project.
3. Become a “best in class” practice.
4. Provide management at all levels with
the information required to make
informed decisions on issues critical to
5. Tremendous educational and
Who is required to comply with FERPA?
All schools, either K-12 or higher education, public or private, that receives funds under any program from the U.S. Department of Education.
What are the penalties for failing to comply with FERPA?
An educational institution that fails to comply with FERPA may lose its federal funding. Individual incidents involving the disclosure of private information may lead to a lawsuit or allow for monetary compensation for the damages.
Sentryx Solution for FISMA/CSF Compliance and Risk Management
Sentryx provides expert guidance and effective software technology called SPARTAN to address the entirety of FERPA compliance and risk management. Our solution consistently addresses the seven elements of an effective compliance program. Also included is our FERPA privacy controls assessment. Lastly, our risk assessment process includes an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of federal data and information.
Sentryx Cybersecurity Solutions provides
a methodology and software that is proactive, adaptable, and consistent
with industry best standards.
The risk analysis and risk management process includes an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability
of personally identifiable information.
An Ongoing Effort that
Requires Process Maturity
Peace of Mind
There is a Right Way and
Many Wrong Ways
Checklist and Spreadsheets
Will Not Pass Audit
• Spartan provides an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic information, whether it be client or company data.
• Definitions and default text aid in understanding of each topic and provide proper vernacular for attestation.
• Spartan solutions risk access, develop mitigation plans, and write reports.
• Spartan provides operational compliance through a mature, repeatable, complete, accurate and sustainable process and can become your on-going compliance assessment and monitoring tool.
• Spartan SaaS is an Enterprise Class platform providing Information Technology, Governance Risk and Compliance (IT GRC). Modules include HIPAA, FISMA, PCI-DSS, FERPA, NERC-CIP, Business Continuity Planning.
• Modules can be used individually or in combination when unique compliance requirements share common security controls and help us efficiently keep up with hundreds of tasks associated with each regulatory requirement.
• Spartan provides an auditable, password protected, logged documentation tool that meets requirements of internal and external audit standards.
Copyright 2013 - 2015 Sentryx Cybersecurity Solutions. All rights reserved.