Identity Finder Helps You Comply with FERPA
Identity Finder helps universities comply with the Family Educational Rights and Privacy Act (FERPA). FERPA requires
universities to protect students' names, addresses, social security numbers, education records, medical records,
financial aid information, and other
sensitive personal information.
Universities must use reasonable methods to restrict access to sensitive data, and use physical, technological,
and administrative controls to ensure confidentiality. In many circumstances, Universities must de-identify student
data and destroy personal information when it is no longer needed. Step 1 to all these processes is knowing where your
data is located, and having the tools to protect it. That's what Identity Finder comes does best.
Many universities once used the
social security number (SSN) as the student ID.
Although most universities no longer use the SSN as the student ID, legacy grading spreadsheets and a myriad of
other file types containing SSNs sit on thousands of professors' hard drives. Shadow Systems, or copies of the
core BANNER system, can proliferate without proper access controls outside the core administrative systems in
departments, or on servers maintained by individual professors. These databases are especially prone to breaches
and leaks and can easily be
found and secured by Identity Finder.
How You Will Comply with FERPA
Universities are designed to facilitate the free flow of information, but FERPA mandates that confidential student
information stay protected. Identity Finder helps and enforces compliance with FERPA in over a dozen ways:
- Identity Finder finds student information (such as SSNs, Dates of Birth, and Addresses) in any file type, on any network device, over the entire university network, and gives faculty, staff, and administrators the tools to eliminate unnecessary student personal information;
- Identity Finder allows administrators to shred, redact, encrypt, and quarantine sensitive student information, facilitating more effective access controls;
- Identity Finder enables administrators to automatically find and destroy protected student information when it is no longer needed;
- Identity Finder discovers sensitive information in Windows Shadow Volume (a new technology in Windows that contains previous versions of files that most employees forget about until a leak occurs) systems, in individual departments, or on professors' computers;
- Identity Finder enables security and compliance officers to identify specific devices and employees who store FERPA related data, and enforce university FERPA related data policies from a centralized console;
- Identity Finder removes sensitive student data from systems, devices and employees who do not need it;
- Identity Finder enables security and compliance officers to conduct security and compliance assessments showing a gap analysis between what is in and out of compliance;
- Identity Finder's gap analysis drives business process changes that prevent future FERPA related data leakage;
- Identity Finder implements and enforces data retention and disposal policies;
- Identity Finder encourages faculty and staff to engage in FERPA best practices by empowering them to manage errant personal information;
- Identity Finder creates a comprehensive student data inventory over the entire university network;
- Identity Finder has an extremely low false-positive rate, enabling security and compliance officers to save on wasted time and costs looking through irrelevant data;
- Identity Finder provides a dashboard and reporting interface for both technical and executive level employees that displays your compliance status at any point in time.