Security and privacy have highly cared for different entities that make sure to issue a legislature that protects that matter. In the United States of America exists the FERPA regulation or, Family Educational Rights and Privacy Act, to ensure that institutions take care of this aspect. In order to achieve LMS FERPA compliance, an LMS platform must ensure that its interface and protocols are directed to be reliable and safe with every version.
FERPA, Family Educational Rights and Privacy Act, protects the information of students and their families that is managed in educational environments, it includes specifications for control and management the access to information through permissions or roles that users, instructors, and administrators have to grant and access respectively to the data.
LMS FERPA Compliance defines the way in which information about students and their families is safeguarded and accessed for educational institutions that receive funds from the United States government. This regulation contains a set of laws created to protect the privacy and security of users’ information within the network, some of them are regulations such as HIPAA, Part 11, GDPR, among others.
The user is the one who controls the information that wants to share and makes it public in the LMS. This regulation requires permissions to see the information about the user’s education, their identity or personal information and the information they host in different platforms with which the Learning Management System can be integrated.
All the information that is shared must go through an approval process previously signed in order to be seen and used by the LMS platform, the instructor, the administrator or the developer.
An LMS with FERPA Compliance, like Paradiso LMS, properly handles all the security of the GPA information, transcripts, social security number, grades, and evaluations.
In the case of instructors, administrators and other roles within the LMS platform that need access to the student information, FERPA Compliance controls the information that can be shared with them, and students are free to handle these permissions or make changes without prior authorization. The information about LMS FERPA compliance should be shared by instructors and providers of the LMS platform with the specific training on this topic.
The data that is freely shared by users is known as a Directory Information and can include: name, mailing and permanent addresses, telephone numbers, email addresses, date of birth, county, state, or U.S. territory from which the student originally enrolled, major field of study, class (junior, senior, etc.), enrollment status (full-time, part-time, etc.), participation in officially recognized activities and sports, weight and height of members of athletic teams, dates of attendance and anticipated date of graduation, degrees and awards received, the most recent previous educational agency or institution attended by the student, and honors information.
Confidential information is any other information that is not defined as directory information, notably: student ID, ethnicity and race, sex, schedule, grades, G.P.A., registration in courses, social security number (SSN), and parents’ name and address.
When you are selecting an LMS platform you should look for an LMS provider that could be adapted to comply with the different regulations or protocols that must be met by institutions or companies within the field of education or virtual training. Paradiso LMS is FERPA compliant, restricting user records and information from being public, not having a public course catalog but only showing courses of specific user interest and managing the right permissions for every user level (roles). With our LMS we make sure user information is always protected, and also our infrastructure is built to ensure users information privacy and security. Some adaptations need to be done and it will require a custom work of 35 hrs to be completely FERPA Compliant. Also, some customization could be required as every institute/company has their own specific use case.
Paradiso LMS has not only reached FERPA compliance, but it also has full compliance with GDPR, FedRamp, HIPAA, Title 21 CFR Part 11 and others.
For details on the implementation of security protocols on LMS platforms send us an e-mail to sales@paradisosolutions.com