All Collections
SmartSuite Policy
HIPAA and FERPA Compliance
HIPAA and FERPA Compliance
Peter Novosel avatar
Written by Peter Novosel
Updated over a week ago


What is HIPPA?

HIPAA stands for the Health Insurance Portability and Accountability Act. It is a federal law enacted in the United States that focuses on the protection of sensitive health information. HIPAA was designed to safeguard the privacy and security of individuals' medical records and other health-related data.

The primary objectives of HIPAA are to ensure the confidentiality, integrity, and availability of protected health information (PHI) while promoting the portability of health insurance coverage. The law establishes standards and regulations that covered entities, such as healthcare providers, health plans, and healthcare clearinghouses, must follow to protect PHI.

SmartSuite will sign a HIPAA business associate agreement (BAA) under certain circumstances. Please contact our sales team if you require a BAA.


What is FERPA?

FERPA stands for the Family Educational Rights and Privacy Act. It is a federal law in the United States that protects the privacy of a student's education records. FERPA applies to all educational institutions that receive federal funding, including schools and colleges. The main purpose of FERPA is to give students (or their parents, if the students are under 18 years old) certain rights regarding their education records and to regulate how schools handle and disclose those records.

These rights include the right to access their records, the right to request corrections, and the right to control the disclosure of their information. FERPA also sets guidelines for schools on how they can share students' information with third parties and outlines penalties for non-compliance with the law.

Is there a FERPA Certification?

No, there is no official FERPA certification program or specific certification issued by the government or governing body for FERPA compliance. Compliance with FERPA involves implementing policies and practices that protect the privacy and security of students' education records.

Educational institutions are responsible for ensuring their compliance with FERPA regulations. While there is no official FERPA certification, institutions can engage in self-assessments or work with consultants or experts in the field of education privacy to evaluate and improve their compliance efforts.

How does SmartSuite support FERPA Compliance?

Maintaining the security and privacy of our customers’ data is our utmost concern at SmartSuite. Among other things, SmartSuite is currently undergoing SOC2 Type II and ISO27001 certification assessments. For more information on SmartSuite security and privacy practices, please refer to our Global Privacy Policy.

If you are an education sector customer and would like to learn more about how SmartSuite can assist you, please contact our sales team.

Did this answer your question?