Higher Ed
A Framework for Non-Degree Credential Quality
“Parchment is heavily invested in both privacy and security, including FERPA compliance. At the same time, we make sure that we balance protecting learners with providing a superior user experience.” – Erin Elliot, Director of Solution Engineering and Information Security, Parchment
Under FERPA (Family Educational Rights and Privacy Act of 1974), schools are responsible for protecting student data. However, privacy laws can be confusing and complex, making it difficult to comply completely. This is especially true with the transition from paper to digital information. What’s more, your school/district also must ensure that your third-party vendors have appropriate safeguards in place.
At Parchment, we understand your privacy and security concerns. That’s why our digital credentials solutions adhere to all FERPA regulations (and state regulations where necessary). And further, our digital records are securely stored and blue-ribbon certified, so receivers know records haven’t been altered.
About FERPA
Simply put, with FERPA, parents have the right to access their minor student’s high school records and authorized consent is required before disclosure of high school records, in accordance with the provisions of FERPA.
Once students turn 18 or enter a post-secondary institution (even if still a minor), they have sole access to their school records. For dual-enrollment students, parents can only access high school records, not those from a college or university.
FERPA also defines what information can be shared and when consent is required. FERPA designates certain information as directory information; this data includes first and last name, date of birth, student ID number, and graduation date. Any student education-related data (transcripts, diplomas, or any document that’s being fulfilled through Parchment) is protected under FERPA.
Common Misconceptions
Today, protecting student information is more important than ever. So, it’s key for you to understand what, when, how, and with whom (internally and externally) you can share. That said, FERPA laws are complicated and often misunderstood.
In our conversations with schools and districts, there have been some misconceptions about FERPA requirements for K12, particularly about requesting a record. Do schools need to validate the student’s identity to release a record?
With FERPA, educational agencies and institutions are required to use reasonable methods to identify and authenticate the identity of parents, students, school officials, and other parties before disclosing or permitting access to PII. For example, obtaining a photo ID (like a driver’s license) may be used as a reasonable method to validate a requester’s identity, however it is not the only method of validation that can be used and is NOT specifically required under FERPA.
About Electronic Signatures
When it comes to electronic signatures, FERPA requirements are somewhat generic:
Thus, Parchment uses industry standards to authenticate the electronic consent source, and the person must approve the information. Plus, the signature must be attached to a downloadable/save-able file.
Parchment and FERPA Compliance
Parchment services include the electronic ordering, fulfillment, and delivery of academic credentials and data, including transcripts and related admissions documents, diplomas, test score reports, certificates, and certifications, as well as the electronic awarding of Credentials.
By accessing and using our site or by clicking “I accept” prior to registration on the site, students consent to the collection, use, and disclosure of their information and personal data by Parchment. When ordering transcripts via Parchment, students proceed through the checkout and clicks next, providing consent to release the transcripts and to receive email notifications regarding their order.
In summary, the Parchment’s responsibility under FERPA is relatively limited: transporting information from point A to point B, consenting for an employer, school, or scholarship provider to have access to the transcript. Note that it’s not a blanket permission. We collect consent for each individual order.
Beyond FERPA
At Parchment, we understand how important student privacy is, and we take our role in protecting it very seriously.
While compliance with FERPA for the consent and release of records is your most common need, Parchment also takes additional steps to prevent unauthorized disclosure.
That means we use the highest industry-standard technology designed to protect your information and all transmissions made through our site. In addition, we also take measures to protect the confidentiality, security, and integrity of personally identifiable information collected on our site.
Parchment follows Industry-standard auditing procedures, including:
Want to know more? See our Parchment Privacy Policy.
Additional Resources