The Family Educational Rights and Privacy Act (FERPA) is a Federal law that was enacted in 1974. FERPA protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
YES, ProctorFree is FERPA compliant. FERPA compliance requires an institution or third party institution to treat and protect private and personally identifiable information, and to disclose any loss of information. ProctorFree has never disclosed the private information of any student or faculty member and takes great strides to limit the information we receive to the smallest amount possible. Name, Email Address, Audio, System, Behavioral and Video information, however, are required by our business as an exam provider and authentication specialty service.
To combat disclosures, we embrace multi-tier, high quality encryption on storage media, across the wire communication and in the database itself. One way, high quality encryption is used whenever necessary, and Learning Tools Interoperability (LTI) based integrations are used when possible to gain only tokenized access to student and faculty private information. The highest quality SSL is our absolute minimum. Frequent penetration tests, security audits and design philosophy is encoded in our company's policies and practices. Additionally, information not expressly and contractually mandated is not kept beyond the minimum contractual terms.
To that end, we sculpt our system to detect and target untrustworthy behavior. We remove the easiest point of access to private information, the human being. Though we audit a percentage of our exams, those are done with a limited amount of information about the student in order to compartmentalize and keep in good confidence the material at hand.
We meet and exceed FERPA guidelines, while also contracting only with credit card and other processing services to likewise avoid any loss of data.