The Department of Education recently released a fourteen-page guidance document that intensifies the pressure on school districts, schools, and higher education institutions to examine and confirm the sufficiency of the procedures they use when engaging a service provider to host or process student data. A recent Hogan Lovells Education and Privacy Alert analyzes this guidance, through which the department has put entities covered by student privacy laws on notice of its expectations regarding their responsibilities when entering into these arrangements. Service providers who store and process student data on behalf of school districts and schools should therefore carefully consider the guidance and how it may affect the market for their services and the contractual demands from their education customers.
For a detailed analysis of the guidance document authored by members of the Hogan Lovells Education and Privacy and Information Management practices, click here.
Update: On April 1 at 1:00pm ET, Harriet Pearson, Maree Sneed, Bret Cohen, and Michelle Tellock, authors of the Hogan Lovells Education and Privacy Alert, will discuss the guidance and its implications for schools, school districts, and their service providers during a webinar hosted by the American Association of School Administrators. To register for the webinar, click here.