To implement FERPA and protect student records, I would place all student records on a database that is inaccessible to anyone except those who are authorized to see those records. Administrators and IT workers would be the only ones to have unrestricted access to the database. Other workers would have conditional access to relevant portions of the database: for example, a professor would have access to records for students in his classes that were germane in regards to his teaching duties. Passwords would be required to be changed regularly to ensure that unauthorized access did not occur.
To implement CIPA, I would install filtering software on all computers owned by the institution. Filters would block pornography, file sharing sites, illegal content and other types of content inappropriate for access at school. I would also restrict users from being able to download or install certain types of files and programs on computers in order to further protect the system’s integrity.
By implementing these changes, the institution would be able to stay in full compliance with FERPA, CIPA, and COPPA. Compliance standards for these laws require top-notch Internet security, secrecy protocols limiting the availability of confidential information, and transparent privacy policies and terms of service that are accessible by users of computers and websites that the institution owns. Additionally, implementing an auditing team that would continuously ensure that the institution was complying with these regulations would go a long way towards making sure that no slip-ups occurred and the institution did not run afoul of the law at any point.
- Jaeger, P. T., & Yan, Z. (2009). One law with two outcomes: Comparing the implementation of CIPA in public libraries and schools. Information Technology and Libraries, 28(1), 6.
- Liccardi, I., Bulger, M., Abelson, H., Weitzner, D. J., & Mackay, W. (2014, July). Can apps play by the COPPA Rules?. In Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on (pp. 1-9). IEEE.
- Rinehart-Thompson, L. A. (2009). Amendments to FERPA regulations: New changes attempt to balance safety and privacy in student records. Journal of AHIMA, 80(7), 56-57.