Information Education Agencies Can Share With Child Welfare Under the Family Educational Rights and Privacy Act (FERPA)

Excerpted and adapted from Solving the Data Puzzle:  A “How-To” Guide on Collecting and Sharing Information to Improve Educational Outcomes for Children in Out-of-Home Care, a publication of the Legal Center for Foster Care and Education, prepared by the American Bar Association Center on Children and the Law, Juvenile Law Center, and Education Law Center-Pennsylvania.

Jessica Feierman
Supervising Attorney, Juvenile Law Center

On any given day, there are 510,000 children in foster care in America. Education is a critical, yet often overlooked, issue for these youth—one that deeply affects their stability and well-being. A quality education can help a child in care achieve and maintain permanency. In contrast, a child’s school struggles or failures can undermine the child welfare agency’s ability to find the child a stable and permanent family. Inadequate educational support has lasting effects: it is well documented that poor educational outcomes can result in homelessness, unemployment, and incarceration for former foster youth. By collecting data and sharing information across child welfare and education systems, we can learn why and what needs to change. We can assist individual children and youth to achieve their educational goals, and help systems identify policies and practices that could better meet the educational needs of youth in care.

Data collection and sharing requires compliance with the Family Educational Rights and Privacy Act (FERPA), which protects the privacy rights of students and their parents in a student’s education records (see 20 U.S.C § 1232(g), and 34 C.F.R. Part 99; FERPA has been amended several times since). FERPA establishes which information can be shared, to whom, and under what circumstances. While FERPA is often seen as an obstacle to needed information sharing, a careful look at FERPA clarifies that with the right attention to procedures, useful information about students in care can be shared to improve direct services to individual clients, and to assess programs at a system level—while still protecting the privacy rights of students and parents.

Generally, FERPA requires states to provide for a parent’s right to access their children’s education records, and to keep those records confidential unless the parent or “eligible student” consents to disclosure (20 U.S.C. §1232(g)(a)(1)(A)).

Additionally, FERPA allows parents the right to a hearing challenging what is in the student’s education record (20 U.S.C. § 1232(g)(a)(2)). Education records are defined as those materials maintained by the educational agency or institution containing personally identifiable information directly related to a student (20 U.S.C.A. § 1232(g)(a)(4)(A)).

According to FERPA, education records can be released to child welfare in limited ways. First, records can be released with parental consent. Therefore, the child welfare agency or anyone seeking to access the child’s education records should always first attempt to seek parental consent. Some jurisdictions, including Los Angeles, California, have developed a “parental consent form” that the child welfare agency requests that the parent or guardian sign as soon as a child is placed in out-of-home care.

While FERPA refers to the rights of the “parent” throughout the law, it includes no definition of parent. FERPA regulations, however, define a parent as “a parent of a student and includes a natural parent, a guardian, or an individual acting as a parent in the absence of a parent or guardian” (34 C.F.R. § 99.4; in response to a concern regarding foster parent access to educational records, the federal Department of Education responded, “The regulations already define the term parent in §99.3 to include ‘a parent of a student and includes a natural parent.’”). Because the child welfare agency is legally responsible for the children in out-of-home care, the agency could be considered to be a guardian, or “acting as a parent in the absence of a parent or guardian,” and therefore the “parent” under FERPA. Other jurisdictions, such as New York City, Washington State, and Florida, have overcome the potential FERPA barrier for child welfare agencies by directly including the agency in the state definition of parent by statute or regulation (see McNaught, 2005).

In the absence of parental consent or the agency being considered the parent, agencies may turn to a FERPA exception to obtain the records. The relevant exceptions are discussed below. If records are obtained under a FERPA exception, there is a specific prohibition on redisclosure. In contrast, if a child welfare agency obtained the records by getting parental consent or meeting the definition of parent under FERPA, the agency may redisclose the records.

Student-Specific Information Sharing

In the absence of parental consent, the most relevant FERPA exception to child welfare student-specific information sharing is the release to appropriate persons when needed to comply with a judicial order or subpoena. Because child welfare cases are already involved with the court system, getting a court order or subpoena is often the most feasible FERPA exception. Under this exception, a court order individualized for each child may allow the school to release records to any party listed on the order, including the child welfare agency or caseworker, caretaker, children’s attorney, or court-appointed special advocate (CASA). Although guidance suggests that the court order must not be a “blanket order,” and must be individualized, it is appropriate for courts to have a habit of including language in form orders that indicates to whom school records may be released. The parent and the student must be notified of the court order by the school in advance of the school’s release of the records (20 U.S.C.A § 1232 (g)(b)(2) (A)).

Statistical Information Sharing

As a preliminary matter, it is worth noting that some information used for statistical analysis does not constitute an “educational record,” and does not trigger FERPA protections. Education records are defined as those materials maintained by the educational agency or institution, containing personally identifiable information directly related to a student (20 U.S.C.A. § 1232(g)(a)(4)(A)). Therefore, anonymous data (“non-personally identifying”), or information that does not directly relate to a student, or information that was gleaned from a source other than that students’ education record can be shared without triggering FERPA.

Equally pertinent for statistical information sharing, FERPA allows “directory information” to be disclosed without parental consent. Directory information includes the following: student’s name, address, telephone listing, date and place of birth, major field of study, participation in activities and sports, weight and height (for athletic teams), dates of attendance, degrees and awards received, and the most recent educational agency attended by the student (20 U.S.C.A. § 1232(g)(a)(5) (A)). A Social Security number or school identification number is not directory information.

In the absence of parental consent, some FERPA exceptions can prove useful for statistical information sharing. First, if the judicial system makes a practice of issuing individualized orders for each child in out-of-home care, the judicial order exception can support this level of information sharing.

FERPA also authorizes “organizations conducting studies for, or on behalf of, educational agencies or institutions for the purpose of developing, validating, or administering predictive tests, administering student aid programs, and improving instruction” (emphasis added). However, studies must be conducted to protect personal identification of students (i.e., a small cell size). Also, the information must be destroyed when no longer needed for the purpose for which it is conducted (20 U.S.C.A. § 1232(g)(b)(1)(F)). “Organization conducting studies” includes federal, state, and local agencies, and independent organizations (34 C.F.R. § 99.31(a)(6)(i)). The U.S. Department of Education in letters of guidance has interpreted authorized disclosure to mean a study authorized by the local educational agency or school, rather than one that benefits the local educational agency or school.

Additionally, FERPA clearly allows “authorized representatives of (A) the Comptroller General of the United States, (B) the Secretary, or (C) State educational authorities” to access student or other records, which “may be necessary in connection with the audit and evaluation of Federally-supported education programs, or in connection with the enforcement of the Federal legal requirements which relate to such programs” (20 U.S.C.A. § 1232(g)(b)(3)). The No Child Left Behind Act (NCLB) expressly authorizes state longitudinal data systems to link student test scores, length of enrollment, and graduation records over time (20 U.S.C. § 6311(b)(3)(B)). The act also vests in states the responsibility to administer assessments required under law and to provide diagnostic reports on individual students to parents, teachers, and principals (20 U.S.C. § 6311(b)(3)(C)(xii)). As a result, a state, without parental consent, may collect and store in a data warehouse personally identifiable information regarding individual student performance on state assessments, enrollment, and graduation, and may share information on student assessment results with schools attended by the students (Winnick, Palmer, and Coleman, 2006).

Based on the NCLB provision, the state may continue to use this data not only to evaluate programs, but also to track individual students and diagnose and address their individual needs and achievements. The state can share this personally identifiable information with schools attended by the student, including postsecondary schools. Collection of the personally identifiable information and its disclosure to schools attended by the students is “specifically authorized by Federal law” (Winnick, Palmer, and Coleman, 2006).

FERPA can be seen as an obstacle, but it also provides an opportunity: an opportunity to think carefully about the best strategies for sharing information to provide better individual services and improved system practices—all while respecting the privacy of students and their parents. By engaging in this work, the child welfare and education agencies can take significant steps toward better educational outcomes, and consequently better life outcomes, for youth in care.


As of December 2011, the regulations define “authorized representative” as “any entity or individual” so designated to perform these functions (34 C.F.R. §99.3).

Comments to the new regulations clarify that the child welfare agency may be an authorized representative:

While we agree that authorized representatives of State educational authorities may generally include child welfare agencies, authorized representatives may only access PII from education records under paragraph (b)(3) of FERPA in order to conduct audits, evaluations, or enforcement or compliance activities (76 F.R. at 75618).

The new regulations also clarify that “education program” has a broad definition, which further expands opportunities for a child welfare or education agency to evaluate a program serving youth in care:

[A]ny program that is principally engaged in the provision of education, including but not limited to early childhood education, elementary and secondary education, postsecondary education, special education, job training, career and technical education, and adult education, and any program that is administered by an educational agency or institution (34 C.F.R. §99.3).