Faculty and staff handle sensitive student information every day—grades, assignments, financial aid, and personal identifiers. Protecting this data isn’t just best practice: it’s a legal requirement under FERPA.

Risks of Mishandling Data

• Privacy breaches exposing student records
• Legal and disciplinary consequences for non-compliance
• Loss of trust between students and faculty

Best Practices

• Store files only on UCLA-approved platforms such as UCLA Box, Google Workspace for Education, or the campus LMS.
• Never use personal email or consumer cloud services (Dropbox, Gmail, etc.) for student records.
• Use strong, unique passwords for all systems accessing student data.
• Enable MFA on every account that touches sensitive data.
• Avoid sending grades or student information over unencrypted channels.

When in Doubt

If you’re unsure whether a tool is approved for student data, consult UCLA’s IT resources or contact the help desk before using it.

Protecting student data safeguards not only compliance but also the trust of those we teach.