Coding Rooms & FERPA
At Coding Rooms, we are fully committed to preserving the privacy and security of our users’ data. This includes ensuring that our customers in the education sector are compliant with the Federal Education Rights and Privacy Act (FERPA). Information Security and Privacy are both key components central to FERPA compliance.
How does Coding Rooms protect user data?
In addition to developing our products with a privacy-by-design methodology, we consistently monitor our infrastructure and conduct vulnerability scans and penetration tests to evaluate our security posture and identify new threats.
What is FERPA?
FERPA is a U.S federal law that protects the privacy of student educational records. FERPA gives parents certain rights with respect to their children’s education records. These rights transfer to the student when he or she reaches the age of 18 or attends school beyond the high school level.
Where is FERPA compliance required?
FERPA applies to all academic institutions that receive funds under applicable U.S. Department of Education programs.
What are “educational records”?
Education records directly relate to a student and are maintained by an educational institution or by a party on behalf of the agency or institution. Audio, video, and chat recordings and streams may be considered education records under certain circumstances and may require parental consent if a minor is under the age of 18. More information on this topic can be found at the ed.gov website.
Are there any FERPA certification programs?
No. Currently there are not any specific FERPA certification programs to assess third-party compliance. The academic institution must perform its own assessment to determine if a product or service affects its ability to comply.
How does Coding Rooms help with FERPA compliance?
To assist with FERPA compliance, Coding Rooms meets and/or exceeds industry standard privacy practices and technical security measures to ensure that user data is protected. Our security and privacy measures include:
- Various features within our virtual classrooms that enable security, such as passwords and user management (muting, blocking, ejection)
- Protecting data in transit by TLS 1.2 and at rest using 256-bit Advanced Encryption Standard (AES-256)
- Leveraging the physical and environmental protection of our data center providers. Coding Rooms hosts servers with Amazon Web Services (AWS). AWS has certification for compliance with ISO/IEC 27001:2013, 27017:2015, 27018:2019, and ISO/IEC 9001:2015. All hosting facilities have 24×7 manned security and monitoring through multiple layers of physical security controls including perimeters fences, manned lobbies, surveillance cameras (CCTV), man trap, locked cages, motion detectors, and biometric access requirements.
- Not monitoring, viewing, or tracking the chat, video, or audio content of your virtual classrooms
- Not sharing customer data with third parties
- Not storing customer data other than account information which consists of email address use for UserID, first and last name, optional company name, optional phone number, and optional profile picture