Latest Stoller and SB 276 Update Posted

Latest Stoller and SB 276 Update Posted

4 thoughts on “Latest Stoller and SB 276 Update Posted

  1. I thought the Seventh Circuit settled the FERPA and FOIA issue:

    Also, any parent whose medical exemption information was released to a media outlet should file a FERPA complaint. The media has no medically necessary, public health reason to have access to FERPA protected student information according to Federal or State laws:

  2. sure you can file a complaint, and sure maybe the Dept of Education will write a letter, but there is no private right of action, either damages or injunction for a private person who claims his FERPA’s rights were violated.

  3. That’s why some schools refused to comply with the FOIA request. They didn’t want to take the chance of violating FERPA or CA Student Privacy Laws (which I believe individuals can sue under.)

    In 2016, when confronted with the violation of FERPA, Santa Barbara & Sacramento Public Health Depts amended their request to “deindentify” (redact students names) & still fax the medical exemptions with medical information and doctors names. Marin Public Health asked school personnel to transcribe specific medical information from a student’s record to another Public Health form.

    However, this still violates FERPA because an obscure amendment to the law considers medical information as Personally Identifiable Information and an “indirect identifier”. NCES guidelines that schools must follow state that there must be a full set of public disclosures: “A privacy and data protection program for student education records must include an array of rules and procedures for protecting PII held in the record system. It also must include a full set of public disclosures of the existence and uses of the information included in the data system, a description of all parents’ or eligible students’ rights to review and appeal the contents of an individual education record and of their rights and the procedures to appeal a violation.”

    Entities releasing data (i.e. schools) are responsible for de-identification strategies that minimize the risk of disclosing PII. “Simple removal of direct identifiers from the data to be released DOES NOT constitute adequate de-identification.” The protocols for de-identification are very complex.

    Public Health Departments cannot require an educational institution to provide them with de-identified medical exemptions. And the Media has even less justifiable reason to obtain medical exemptions. Per 34 CFR 99.31(d), an educational institution is permitted but NOT REQUIRED to disclose education records without consent. So, if a school releases anything specific from a child’s medical file, the school does so INTENTIONALLY to violate the student’s privacy. And they cannot legally release ANY information if you have a Refusal to Record Share on file.

    The media DOES NOT have legal authority, per
    FERPA or California Law, to gather personal medical information from a student file for data collection, which is exactly what occurred in their exposes. The only data collection allowed under FERPA and CA Law is specific to a LEGITIMATE educational purpose.

Leave a Reply