All posts in FERPA

FERPA Whiteboard and FERPA Interactive Whiteboard

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
April 26, 2018

FERPA Whiteboard - TeachPrivacy FERPA Training

Recently, I created two new FERPA training resources.

FERPA Whiteboard

I created a 1-page visual summary of FERPA, which I call the FERPA WhiteboardThe idea was to summarize HIPAA in a concise and visually-engaging way.  You can download a PDF handout version here.  We’ve been licensing it to many organizations for training and awareness purposes.

FERPA Interactive Whiteboard

I subsequently created a new training module — an interactive version of the FERPA Whiteboard — the FERPA Interactive Whiteboard When people click on each topic, the program provides brief narrated background information, presented in a very understandable and memorable way.  Trainees can learn at their own pace.  This program is designed to be very short — it is about 5 minutes long.

It can readily be used on internal websites to raise awareness and teach basic information about FERPA.  It can also be used in learning management systems.

Continue Reading

April 26, 2018 / Category: FERPA, Privacy Laws, Training, Training: FERPA / Tags: , , , , , /

Lawsuits for HIPAA Violations and Beyond: A Journey Down the Rabbit Hole

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
November 24, 2014

hipaa lawsuits 1

by Daniel J. Solove

At first blush, it seems impossible for a person to sue for a HIPAA violation. HIPAA lacks a private cause of action. So do many other privacy and data security laws, such as FERPA, the FTC Act, the Gramm-Leach-Bliley Act, among others. That means that these laws don’t provide people with a way to sue when their rights under these laws are violated. Instead, these laws are enforced by agencies.

Continue Reading

November 24, 2014 / Category: FERPA, HIPAA, HIPAA Business Associates, Lawsuits, Privacy / Tags: , , , /

Who Are the Privacy and Security Cops on the Beat?

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
October 21, 2014

privacy and security

law blog 2

by Daniel J. Solove

Are privacy and security laws being enforced effectively? This post is post #3 of a series called Enforcing Privacy and Security Laws.

Continue Reading

October 21, 2014 / Category: CFPB, Enforcement, EU Data Protection Directive, European Union Privacy, FCC, FERPA, FTC, HHS Office for Civil Rights, NLRB, Privacy, Privacy Laws / Tags: , , , , , /

Why Being Well-Regulated Is Good for Business

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
October 6, 2014

?????????????

by Daniel J. Solove

After Apple announced that it wouldn’t provide law enforcement with an easy back door to access data on people’s devices, we heard loud whining coming from the FBI and various security proponents that this would be bad for security.

Continue Reading

October 6, 2014 / Category: Data Security, Education Privacy, FERPA, Privacy / Tags: , , /

Follow Professor Solove on Social Media

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
July 9, 2014

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:

Professor Solove’s LinkedIn Influencer blog

LinkedIn Influencer 02 You can follow Professor Solove on his blog at LinkedIn, where he is an “LinkedIn Influencer.”  He blogs about various privacy and data security issues. His blog has more than 600,000 followers.

LinkedIn Influencer 01

*    *    *    *

Professor Solove’s Twitter Feed

Twitter 01Professor Solove is active on Twitter and posts links to current privacy and data security stories and new scholarship, cases, and developments of note.

*    *    *    *

Professor Solove’s Newsletter

Newsletter 01Sign up for our newsletter where Professor Solove provides information about his recent writings and new training programs that he has created.

*    *    *    *

Professor Solove’s LinkedIn Discussion Groups

Please join one or more of Professor Solove’s LinkedIn discussion groups, where you can follow new developments on privacy, data security, HIPAA, and education privacy issues. You can also participate in the discussion, share interesting news and articles, ask questions, or start new conversations:

Privacy and
Data Security		HIPAA Privacy
and Security		Education Privacy
and Data Security
Image Group LinkedIn Logo Education Privacy 01Image Group LinkedIn Logo HIPAA 01Image Group LinkedIn Logo Privacy Security 01
July 9, 2014 / Category: APEC Privacy Framework, BCRs, BYOD, Chief Privacy Officers, Chief Security Officers, Cloud Computing, Data Security, Education Privacy, Employment Privacy, EU Data Protection Directive, European Union Privacy, FERPA, Financial Privacy, FTC, GLBA, Global Privacy, HIPAA, HIPAA Business Associates, International Privacy, Mobile Devices, New Developments, New Training Programs, OECD Privacy Guidelines, Phishing, Privacy, Privacy by Design, Privacy Laws, Safe Harbor, Scholarship, Social Engineering, Social Media, Training, Training: Data Security, Training: FERPA, Training: Financial Privacy, Training: HIPAA, Training: PCI, Training: Privacy Awareness, Training: Safe Harbor / Tags: , , , /

The Most Effective Factor in Education

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
July 21, 2014

most effective education blog 1

by Daniel J. Solove

I’ve been a teacher for the past 15 years, and I’ve taught in several mediums including live classes and computer-based e-learning. I have come to the conclusion that the most effective factor in education and training is fostering emotional investment.

Simply put, students must care about learning the material. The more they care, the more they learn.

The notion of getting emotional investment from students might sound like simple common sense, but it is often not done …and often not even attempted.

Continue Reading

July 21, 2014 / Category: Education Privacy, FERPA, Training, Training: Data Security, Training: FERPA, Training: Financial Privacy, Training: HIPAA, Training: PCI, Training: Privacy Awareness, Training: Safe Harbor / Tags: , , , /

Big Data and Our Children’s Future: On Reforming FERPA

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
May 14, 2014

Double check

by Daniel J. Solove

Last week, the White House released its report, Big Data: Seizing Opportunities, Preserving Values. My reaction to it is mixed. The report mentions some concerns about privacy with Big Data and suggests some reforms, but everything is stated so mildly, in a way designed to please everyone. The report is painted in pastels; it finesses the hard issues and leaves specifics for another day. So it is a step forward, which is good, but it is a very small step, like a child on a beach reluctantly dipping a toe into ocean.

Continue Reading

May 14, 2014 / Category: Big Data, Chief Privacy Officers, Chief Security Officers, Cloud Computing, Data Breach, Data Security, De-Identification of PHI, Education Privacy, FERPA, Privacy / Tags: , , , /

Why Did inBloom Die? A Hard Lesson About Education Privacy

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
May 6, 2014

in bloom blog 1

by Daniel J. Solove

For any organization who doesn’t take privacy seriously, the demise of inBoom should be a loud wake up call. Funded by $100 million from the Gates Foundation, inBloom was a non-profit organization aiming to store student data so that school officials and teachers could use it to learn about their students and how to more effectively teach them and improve their performance in school. Who would have thought that a project with so much funding and promise would be shutting down just a few years after its creation? What went wrong?

Continue Reading

May 6, 2014 / Category: Chief Privacy Officers, Education Privacy, FERPA, Privacy / Tags: , , /

Our Privacy and Data Security Depend Upon Contracts Between Organizations

Daniel Solove
Daniel Solove @danielsolove
Founder of TeachPrivacy
May 5, 2014

contracts between organizations blog 1

by Daniel J. Solove

Increasingly, companies, hospitals, schools, and other organizations are using cloud service providers (and also other third party data service providers) to store and process the personal data of their customers, patients, clients, and others. When an entity shares people’s personal data with a cloud service provider, this data is protected in large part through a contract between the organization and the cloud service provider.

In many cases, these contracts fail to contain key protections of data. For example, a study conducted by Fordham School of Law’s Center on Law and Information Policy revealed that contracts between K-12 school districts and cloud service providers lacked essential terms for the protection of student data. I blogged about this study previously here.

Continue Reading

May 5, 2014 / Category: Cloud Computing, Data Security, Enforcement, FERPA, FTC, Privacy, Privacy Laws, Scholarship / Tags: , , , /