It's a New Day in Public Health.
The Florida Department of Health works to protect, promote & improve the health of all people in Florida through integrated state, county & community efforts.
Privacy of Student Health Record
This page provides links to privacy requirements and information that impact schools and student records.
1. Section 1002.022, Florida Statute, Student records and reports; rights of parents and students; notification; penalty. This purpose of this section is to protect the rights of students and their parents with respect to student records and reports as created, maintained, and used by public educational institutions in the state.
2. The Family Education Rights and Privacy Act (FERPA) - 20 U.S.C. § 1232g and regulations 34 C.F.R. § 99. FERPA defines and provides privacy protections for educational records when such records are held by educational institutions that receive federal funds. FERPA defines education records as those records, files, documents and other materials that contain information directly related to a student and that are maintained by an educational agency or institution.
U.S. Department of Education:
- Joint Guidance on the Application of the Family Educational Rights and Privacy Act (FERPA) And the Health Insurance Portability and Accountability Act of 1966 (HIPAA) to Student Health Records.*
- FERPA Law: www.ed.gov/policy/gen/reg/ferpa/index.html
- FERPA General: http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
- FERPA Guidance for Students: www.ed.gov/policy/gen/guid/fpco/ferpa/students.html
Florida Department of Education:
- Technical Assistance Paper - The Family Educational Right and Privacy Act (FERPA): www.sss.usf.edu/resources/format/taps/2009/2009_103.pdf
- FLDOE - FERPA Fact Sheet: http://www.fldoe.org/core/fileparse.php/3/urlt/03-10ferpafactsheet.pdf
3. Health Insurance Portability and Accountability Act (HIPAA) - Public Law 104-191. HIPAA is intended to promote the confidentiality of individually identifiable health information and mandates that covered entities and providers engaged in certain types of transactions comply with the privacy requirements of the rule.