HIPAA and FERPA compliance

HIPAA

Airtable does not sign HIPAA business associate agreements (BAA) at this time. We work with a number of companies across medical industries who do use Airtable to manage business, research and other processes, but refrain from storing Personal Health Information (PHI) in doing so.

FERPA

What is FERPA?

FERPA is a United States federal law that protects the privacy of students in certain educational records maintained by an educational agency, an academic institution, or a party acting for an educational agency or academic institution. The law applies to all academic institutions that receive funds from a Department of Education program. Rights under FERPA transfer from the parents of a student to the student when the student turns 18 years of age or enrolls in school beyond the high school level.

Is there a FERPA Certification?

There currently is not a certification program approved by the federal government that assesses third party-compliance with FERPA. Academic institutions must perform their own assessments to determine whether a third-party product or service affects their compliance.

How does Airtable support education-sector customers with FERPA Compliance?

Maintaining the security and privacy of our customers’ data is our utmost concern at Airtable. Among other things, Airtable is SOC2 Type II and ISO27001 certified. For more information on Airtable’s security and privacy practices, please refer to airtable.com/security and airtable.com/privacy.

If you are an education sector customer and would like to learn more about how Airtable can assist you, please contact our support team or your Airtable Account Executive.