HIPAA and FERPA compliance
  • 21 Sep 2022
  • 1 Minute to read
  • Dark

HIPAA and FERPA compliance

  • Dark

Article Summary


Airtable does not sign HIPAA business associate agreements (BAA) at this time. We work with a number of companies across medical industries who do use Airtable to manage business, research and other processes, but refrain from storing Personal Health Information (PHI) in doing so.


What is FERPA?

FERPA is a United States federal law that protects the privacy of students in certain educational records maintained by an educational agency, an academic institution, or a party acting for an educational agency or academic institution. The law applies to all academic institutions that receive funds from a Department of Education program. Rights under FERPA transfer from the parents of a student to the student when the student turns 18 years of age or enrolls in school beyond the high school level.

Is there a FERPA Certification?

There currently is not a certification program approved by the federal government that assesses third party-compliance with FERPA. Academic institutions must perform their own assessments to determine whether a third-party product or service affects their compliance.

How does Airtable support education-sector customers with FERPA Compliance?

Maintaining the security and privacy of our customers’ data is our utmost concern at Airtable. Among other things, Airtable is SOC2 Type II and ISO27001 certified. For more information on Airtable’s security and privacy practices, please refer to airtable.com/security and airtable.com/privacy.

If you are an education sector customer and would like to learn more about how Airtable can assist you, please contact our support team or your Airtable Account Executive.

Was this article helpful?