Records Retention, Management and Security

Student education records are official and confidential documents protected by the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99.) The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. FERPA defines education records as all records that schools or education agencies maintain about students. Access to and storage of records should follow FERPA and any local school district policy or guidance. Records containing personally identifiable information should not be removed from the school site.

In addition, New York State Education Law 2-d prohibits the unauthorized release of personally identifiable student, teacher, or administrator data (PII).

Questions regarding record safety and security should be directed your District Data Protection Officer or Administrator responsible for data security.

The NYS Archives

Record Retention & Disposition Schedule for Health
Provides a PDF document of information specific to only the Health Portion of the ED-1 schedule. For additional information on records retention use the NYSED link below. Please note- the schedule refers to the "Summary Record" this is the same thing as the Cumulative Health Record.

Records Retention - NYSED State Archives
Provides information on managing and storing both paper and electronic rds. Includes guidance, samples, and webinars on record storage. Content includes information on laws and regulations, disaster assistance, retention and disposition schedules, and workshops/webinars. Information specific to electronic records is included
.

Additional Resources

Developing a Policy for Managing Email
Provides guidelines for writing policies and procedures that will guide a program for managing email. Agencies and governments should adapt the guidelines to meet their own needs and capabilities, and continue to update their policies on an as­ needed basis (The University of the State of New York The State Education Department New York,  State Archives Government Records Services 2010)

Managing Confidential or Sensitive Records
This guidance is intended to provide advice on identifying, storing, and securing records that contain information that requires safeguarding or additional controls pursuant to and consistent with applicable law, regulations, or government-wide policies. Any content that contains personally identifiable information may fall into this category. Policy and procedures should address how information is protected from creation to final disposition and describe the staff’s responsibilities for handling confidential information during each stage. For example, the policy should cover the prompt reporting of any possible unauthorized access, use, or loss of information and the avoidance of email for transmitting confidential information (NYS Archives).

Page updated 7/14/2020