Encryption of School Data

  • Print

There are no statutes which address this in the Ed Code or in the Charter Schools Act and no obligations under FERPA (Family Educational Rights and Privacy Act) to encrypt information about individual students, even if it contains identifiable student information, or other kinds of information which should be protected. For health care providers and those handling personal medical information in digital form, there are requirements under HIPAA (Health Insurance Portability and Affordability Act) to take reasonable steps to protect data security. (Schools are typically not covered by HIPAA rules, although they may have some student medical information entitled to protection.) But even under HIPAA, there are no specific regulations requiring encryption of email.

If data is inadvertently released to the wrong person--or hacked--then California law requires notification to the affected persons, so they can take steps to protect themselves from identity theft. So taking security measures is a good idea from a risk management standpoint.

Ask A Question

From Our Blog

California Charter Schools Win Big at U.S. Academic Decathalon

CCSA congratulates [El Camino Real Charter High School](http://ecrchs.net/)'s Academic Decathalon team for its eighth overall win, and [Leemore Middle College

Participate in a Statewide Survey About the Local Control Funding Formula

The California Collaborative for Educational Excellence (CCEE) invites charter schools and charter management organizations to participate in a statewide survey