CREST Practitioner Security Analyst (CPSA) 2026 – 400 Free Practice Questions to Pass the Exam

The Family Educational Rights and Privacy Act (FERPA) is the legislation that governs the privacy of student educational records in the United States. Enacted in 1974, FERPA provides parents and eligible students with specific rights regarding the access to and privacy of student educational records. These rights include the ability to inspect and review records maintained by the educational institution, the right to request the amendment of records they believe to be inaccurate, and the ability to control the disclosure of personally identifiable information contained in educational records.

FERPA’s regulations specifically address how educational institutions must handle student records and the circumstances under which they can disclose information to third parties, thus ensuring the protection of students' educational privacy. This makes FERPA the correct choice when discussing the governing act related to student educational records, as the other options pertain to different areas of privacy and data protection. For example, GDPR deals with data protection and privacy in the European Union, GLBA focuses on financial privacy, and PCI DSS relates to payment card data security.