Family Educational Rights and Privacy Act (FERPA)

Middle Tennessee State University is committed to protecting the personally identifiable information (PII) and educational records of its students.

As new software platforms are introduced and utilized throughout the University, employees are expected to adhere to MTSU Policies regarding access to educational records (Policy 500 - Access to Education Records); access control (Policy 960 - Access Control); and information security (Policy 920 - Information Security); among other Policies. In addition, and to reiterate the University's compliance with, and adherence to, the Family Educational Rights and Privacy Act (FERPA), employees are required to review annual FERPA training information. The FERPA training information particularly applies to all employee users of the University's existing, and new, internal platforms and software. Employees must also certify that they have read, and understand, the FERPA training information, which is provided internally.

For questions and/or concerns regarding FERPA, MTSU employees can consult any of the following internal offices:

  1. Office of University Counsel
  2. MTSU One Stop
  3. Office of the Registrar
  4. Office of Compliance and Enterprise Risk Management
  5. Information Technology Division (regarding data security, access, and access control concerns and/or needs)

For additional guidance and information on maintaining student educational records privacy during the COVID-19 pandemic, the following resource and guidance is available from the U.S. Office of Civil Rights and the U.S. Student Privacy Policy Office:

Investigations of FERPA noncompliance are conducted by the Office of Compliance and Enterprise Risk Management. Below is a description of the FERPA investigation review process: