The Children’s Online Privacy Protection Act (COPPA) does not apply to Infinite Campus. The Infinite Campus Products do not collect personally identifiable information (PII) from children under the age of 13. PII collected and maintained within the Infinite Campus products is entered by adults; either the child’s parent or guardian during an enrollment process or by the school officials that use our products to operate the school. Access to the system is granted to all users by the educational agencies and institutions (EAs) which license our products.
Please note that the collection, input, use, retention, disposal, and disclosure of any private information in our software applications are controlled solely by the EAs which license our products. Infinite Campus cannot delete, change, or disclose any information from our software applications controlled by the EA. To the extent parents, guardians or students have questions regarding the privacy associated with the applications provided by the EA, please contact that agency or institution.
Student records that are disclosed to Infinite Campus by EAs and maintained within Infinite Campus products are by definition “education records” under FERPA and not “protected health information” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Because student health information in education records is protected by FERPA, the HIPAA Privacy Rule excludes such information from its coverage. See the exception at paragraph (2)(i) to the definition of “protected health information” in the HIPAA Privacy Rule at 45 CFR § 160.103. See, also, Joint Guidance on the Application of the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to Student Health Records, USED and U.S. Department of Health and Human Services (November 2008).