🇺🇸 Live Privacy & Data Protection

FERPA

Protects the privacy of student education records and gives parents and eligible students rights to access and amend those records. Applies to educational institutions that receive federal funding.

View official source document

32

Rules extracted

353

Obligations decomposed

11.0x

Avg obligations per rule

🇺🇸 United States

Jurisdiction

What AuditDSS covers

Source

1

Regulation

Extracted

32

Rules

Decomposed

353

Obligations

11.0x

Decomposition ratio

Each rule is decomposed into an average of 11.0 atomic obligations — the smallest testable units that can be independently violated.

Fully extracted & scored

All 353 obligations have been decomposed, titled, risk-scored, and embedded for semantic matching.

Risk scoring

Every obligation in FERPA is scored across independent risk dimensions:

W

Obligation Weight

How critical within the regulatory framework

L

Violation Likelihood

How often breached in practice

E

Enforcement Evidence

Regulator enforcement history and penalties

C

Cascade Dependency

How many obligations depend on this one

Regulatory details

Full title
FERPA
Regulatory body
US Department of Education Student Privacy Policy Office
Jurisdiction
🇺🇸 United States
Document type
regulation
Effective date
November 19, 1974
Industry
Privacy & Data Protection
Official source
View source document ↗

Who this applies to

educational institutions receiving federal fundsK-12 schoolscolleges and universitiesed-tech vendors

Key requirements

  • prior consent for disclosure
  • annual notification of rights
  • directory information opt-out
  • education records access rights
  • amendment of records
  • complaint procedures

Frequently asked questions about FERPA

What is FERPA?
Protects the privacy of student education records and gives parents and eligible students rights to access and amend those records. Applies to educational institutions that receive federal funding.

Who does FERPA apply to?
FERPA applies to educational institutions receiving federal funds, K-12 schools, colleges and universities, ed-tech vendors.

How many obligations does FERPA contain?
AuditDSS has decomposed FERPA into 353 atomic obligations from 32 rules. Each obligation is independently testable and risk-scored.

What are the key requirements of FERPA?
The key requirements include: prior consent for disclosure, annual notification of rights, directory information opt-out, education records access rights, amendment of records, complaint procedures.

How can I assess my FERPA compliance?
Upload your compliance policy to AuditDSS. The platform maps your document against all 353 FERPA obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

Which jurisdiction enforces FERPA?
FERPA is enforced in United States by US Department of Education Student Privacy Policy Office.

When did FERPA come into effect?
FERPA became effective on November 19, 1974.

What industry does FERPA apply to?
FERPA is primarily relevant to the Privacy & Data Protection industry. AuditDSS covers 71 regulations in this industry sector.

Build a FERPA compliance pack

Don't have a compliance policy yet? AuditDSS generates a complete compliance pack for FERPA — alone or combined with other regulations your business needs. Every clause is mapped to specific obligations.

Policy

High-level commitments and governance framework covering FERPA requirements.

Procedures

Step-by-step operational procedures to implement each policy commitment.

Forms & checklists

Ready-to-use forms, registers, and checklists for day-to-day compliance operations.

Multi-regulation

Combine FERPA with other regulations into a single unified compliance pack for your business.

Build FERPA compliance pack

Already have a policy? Assess it against FERPA

1

Upload your document

Upload your compliance policy, program manual, or operational document. AuditDSS accepts any text-based document.

2

AI maps against 353 obligations

Your document is scored against every obligation in FERPA. Each claim is mapped to the obligation tree and evaluated for coverage.

3

Risk-scored gap report

Receive every gap ranked by risk priority with remediation guidance, enforcement evidence, and cascade impact analysis.

Related regulations in Privacy & Data Protection

🇦🇺 Live

Fair Work Act 2009

16 rules, 260 obligations
🇦🇺 Live

Modern Slavery Act 2018

9 rules, 135 obligations
🇦🇺 Live

Privacy Act 1988

29 rules, 203 obligations
🇦🇺 Live

SOCI Act 2018

10 rules, 32 obligations
🇦🇺 Live

Model WHS Act

10 rules, 41 obligations
🇧🇷 Live

LGPD

19 rules, 200 obligations
🇺🇸 Live

CCPA/CPRA

46 rules, 572 obligations
🇨🇳 Live

CSL

8 rules, 201 obligations

Assess your FERPA compliance

Upload your document and get a risk-scored gap analysis against 353 FERPA obligations in under 5 minutes.

Start assessment Browse all regulations