Q: My office is purchasing a new system that will need to use student data. What do I need to be aware of as it relates to FERPA?
A: Never fear! There is a contractual review process for technology purchases that will help you cover the right bases. University Information Security (UIS), the Office of General Counsel, and ASR work together on reviewing contracts to ensure the right guardrails are in place. UIS also can work with you on a vendor risk assessment early on to highlight key areas related to privacy and security that might introduce risk with your system; it’s important to remember that privacy and security go hand-in-hand when evaluating new technologies.
As always, if you have any questions, send them to ferpa@umn.edu.
No comments:
Post a Comment