Financial Education Privacy & Compliance
NFEC Identifies Student Data Privacy Gaps in 10 State Financial Education Standards

An NFEC analysis finds financial education standards and legislation requiring activities involving sensitive personally identifiable information (PII), including Social Security numbers, birthdates, and home addresses, without clear safeguards for student privacy, compliance, or data security.

Across the United States, financial education standards increasingly require students to complete sensitive documents such as W-4s, loan applications, FAFSA forms, banking documents, and employee benefit paperwork as part of financial education coursework. These standards create significant compliance, privacy, and data protection concerns for students and can expose schools and program providers to serious risks if safeguards are not properly implemented. With no states requiring comprehensive educator training, the risks associated with these instructional activities become substantially more severe.

Student Financial Data Privacy & Security Risks

Instructional activities involving sensitive financial documents can create serious identity theft, privacy, and data security risks – especially when educators receive no training.

Students may be required to complete W-4s, I-9s, medical forms, student loan applications, and other sensitive documents containing Social Security numbers, full names, home addresses, date of birth, and employment information. When these activities are conducted in classroom settings, they can create significant privacy, identity theft, and data security risks if strict safeguards and secure handling procedures are not in place. Potential risks:

  • Student throws the form away
  • Teacher stores forms improperly
  • Forms shared digitally without safeguards
  • Classroom copies left unattended
  • Third-party platforms collect data

Federal Agencies Recognize Financial and Personal Data as High-Risk Information

Federal agencies including the Consumer Financial Protection Bureau, Federal Trade Commission, Internal Revenue Service, and U.S. Department of Education consistently recognize financial and employment-related information as highly sensitive data that requires strong privacy protections and secure handling procedures.

These agencies warn that documents such as tax returns, FAFSA forms, W-4s, I-9s, banking records, and loan applications contain information that can expose individuals to identity theft, fraud, unauthorized account access, and cybersecurity risks if improperly handled. The concern becomes especially significant in educational settings where students may be asked to complete or share sensitive financial information without comprehensive educator training in compliance, privacy, and data security procedures.

Protecting Sensitive Financial Data

States with High-Risk Financial Education Standards: Overview

The following states have adopted financial education standards that explicitly require or direct students to complete highly sensitive documents without any requirement to use fictional or sample data and without corresponding educator training in privacy protection or secure document handling.

  • Arkansas standards requiring completion of W-4s, I-9s, medical forms, life insurance forms, retirement forms, and employee benefit forms
  • South Carolina standards involving loan applications, W-4 and I-9
  • Washington standards requiring completion of IRS W-4 form
  • Virginia standards requiring banking account documentation and employment tax forms
  • Colorado legislation requiring the completion of federal or state financial aid forms and applications
  • Florida legislation requiring completion of a loan application and the Free Application for Federal Student Aid (FAFSA)
  • Pennsylvania standards requiring completion of federal, state, and local tax forms
  • Mississippi standards requiring W-4s, I-9s, and tax forms
  • Tennessee standards requiring FAFSA applications, W-4s, and 1040 tax forms
  • New York standards requiring students to complete a tax return form such as the IRS Form 1040
High-Risk State Standards

Breakdown of State Specific Privacy & Consumer Protection Risks

Arkansas

Two relevant documents are offered on Arkansas’s Personal Finance Standards page: Personal Finance Standards 2017 (Source) and Arkansas Department of Career Education, Financial Literacy Rev. 2017-2018, Financial Literacy Model Framework for the Approved Course titled Financial Literacy.

Under Personal Finance Standards 2017 Strand: Employment/Income; Content Standard: Students will understand payroll and how their salary is impacted. Students are tasked to:

PF.2.E1.4 Complete work related forms

  • W4
  • I9
  • Medical Forms
  • Life Insurance Forms
  • Retirement Forms

Arkansas Department of Career Education, Financial Literacy Rev. 2017-2018, Financial Literacy Model Framework. Course Title: Financial Literacy. Source

Under Performance indicator 1.3: Analyze income, payroll, and employment forms, students are tasked to:

  • 1.3.1 Examine and complete W-4, I-9, and employee benefit forms.

South Carolina

Researching the South Carolina standards for financial education, we find the following resource covering the entire Finance Cluster: South Carolina Department of Education, Finance Cluster Course Standards. Source

Reviewing those standards highlights the following course: Personal Finance, Course Code: 5141: Performance Indicator D. Managing Credit.

Students are tasked to complete the following: Students will demonstrate an understanding of the various types of debt and methods of managing personal credit.

  • Complete a loan application and evaluate an amortization schedule.

Secondly, the Virtual Enterprise Cluster also has relevant coursework: Virtual Enterprise Cluster Standards. Source

Virtual Enterprise 1, 2, 3, 4, Course Code: 5150, 5151, 5152, and 5153, Performance Indicator K. Personal Financial Management.

The standards require the following performance indicator: Proficient operations management professionals demonstrate appropriate financial management skills. The following accountability criteria are considered essential for students in the Operations Management program of study.

Students are tasked to:

  • Complete W-4 and I-9 forms.
  • File annual tax reports.

Washington

Washington State has financial education standards in place for grades K-12, laid out in the following document: Financial Education, Office of Superintendent of Public Instruction (September 2016). Washington State Learning Standards, Kindergarten – 12th Grade, Financial Education. Source

Update – the Initial Washington State K–12 Learning Standards for Financial Education was published May 2026 – these draft standards have eliminated some of the prior compliance issues but the standards still include the completion of the W-4 form. 

PRIORITY: FE.HS.EI.9 Students will know that tax deductions and credits reduce income tax liability. Students will use this knowledge to: 

  • Complete IRS Form W-4. 

Virginia

Virginia’s financial education benchmarks are presented in the following document: Virginia Department of Education, Economics and Personal Finance Standards of Learning (October 17, 2019). Source

Review of the standards points out the following strand, in which students are tasked to:

EPF12: The student will demonstrate knowledge of banking transactions by

  • c) preparing all forms necessary for opening and maintaining a checking and a savings account;
  • g) completing standard employment tax forms.

Pennsylvania

Pennsylvania lays out its standards for financial education in this document:  Pennsylvania Department of Education, Academic Standards for Grades K-12 (July 1, 2026). Source

Reviewing these standards, the following strand is relevant: Standard 17.2: Income; Substrand: Income and payroll taxes.

Students are tasked to:

  • 17.2.9-12.1. Complete various federal, state, and local tax forms.

Mississippi

Mississippi’s educational standards for personal finance coursework are found here: Mississippi Department of Education, 2022 Personal Finance (2022). Source

Upon review, this section is relevant to the risk question: Personal Finance – Course Code: 070128. Unit 2: Earning and Reporting Income. Competencies and Suggested Objectives:

  • Describe information and required forms relevant to the completion of state and federal income tax forms.
    • Complete pre-employment forms, such a W-4, a state income tax form, and an I-9.
    • Complete end-of-year tax returns (e.g., 1040, state tax form, etc.).

Tennessee

Tennessee’s standards for personal finance education are found in this document: Tennessee Department of Education, Personal Finance Standards (May 2025). Source

Standards review highlights this section for potential risk: Course Standard 2. Education, Careers, and Income

  • Students are tasked to: 2.3 Postsecondary Financing: Explore and evaluate options for financing postsecondary education. Demonstrate an understanding of Free Application for Federal Student Aid (FAFSA) requirements to apply for postsecondary education financial aid by completing an application.
  • Students also are tasked to: 2.5 Take-Home Pay: Describe factors affecting take-home pay such as tax withholdings, benefits (e.g., insurance, 401k), and plan payroll deductions. Complete a 1040 and a W-4 Employee’s Withholding Allowance paperwork and analyze the W-2 Wage and Tax Statement for federal income tax purposes.

New York

Financial education standards for New York are located here: New York State Education Department, Personal Finance Education Learning Objectives (March 2026). Source

  • Learning Objectives for Grades 9-12, Topic 3: Earning Income – The understanding of how income is earned and how taxes impact the money that is taken home.
  • Students are tasked to: 3.6 Complete a tax return form, such as the IRS Form 1040, using a hypothetical employer-provided Form W-2 to report wages.

New York standards reference hypothetical wage information; they make no mention of requiring hypothetical student data or establishing safeguards to ensure real personal information is not used during classroom activities.

Colorado

The following is taken from Colorado legislation enacted in May, 2025: From legislation HOUSE BILL 25-1192. Source

  • (b) “Local education providers have broad discretion to determine the method of implementing a financial literacy course, the curriculum and materials used for teaching a financial literacy course, including practicing filling out the federal or state financial aid forms, the licensing and certification requirements for teaching a financial literacy course, and existing local graduation requirements a financial literacy course may fulfill.”
  • (d) Information needed for, and practice filling out, the federal or state financial aid applications is a key component to understanding how additional training beyond high school can be financially supported. Additionally, practicing completing the federal or state financial aid applications, especially while students are still in high school, supports access to different career pathway options because financial aid is often the vehicle students use to pay for tuition, fees, equipment, and other expenses associated with additional training beyond high school.”

Florida

The following information is taken from the 2025 Florida Statutes: From legislation Title XLVIII, EARLY LEARNING-20 EDUCATION CODE, Chapter 1003

  • Completing a loan application
  • Costs of postsecondary education, including cost of attendance, completion of the Free Application for Federal Student Aid, scholarships and grants, and student loans.

While the Florida legislation could have posed a significant risk to students, Florida standards did not mirror it in a way that would have exposed children’s identities. Instead of requiring students to complete actual loan and FAFSA applications, the adopted standards used an approach that better protects youth and reduces the risk of exposing sensitive personal information.

  • SS.912.FL.5.6 Demonstrate an understanding of completing a loan application.
  • SS.912.FL.5.16 Instruction includes understanding the process and importance of completing the Free Application for Federal Student Aid (FAFSA).

Florida is unique because its latest standards address the issue in a compliant manner, even though the legislation and draft standards reference activities that put sensitive personal information at risk.

Student Data Privacy Risks Discovered During National Financial Education Policy Review

The privacy and compliance concerns identified in this analysis were uncovered during the development of two broader national policy reports examining the quality and structure of financial education in schools: the “National Evaluation of State Financial Literacy Mandates and Academic Standards Alignment” and the companion “National Rankings of State Financial Education Standards: State-by-State Ranking.” These reports evaluated whether state financial education requirements meet the same minimum academic standards commonly applied to core subjects such as math, science, and English – including instructional rigor, educator qualifications, curriculum structure, assessment practices, and accountability for measurable outcomes. During that review process, it became clear that many states now require students to complete highly sensitive financial and employment documents while offering little to no educator training related to compliance, privacy protection, cybersecurity, or secure handling of personal financial information.

National Evaluation of State Financial Literacy Mandates and Academic Standards Alignment

Policy analysis evaluating whether state financial education mandates meet the same minimum academic standards as core subjects, focusing on instructional time, rigor, educator qualifications, curriculum structure, and accountability for measurable student achievement.

National Rankings of State Financial Education Standards: State-by-State Ranking

Companion report that breaks down all 50 states’ rankings based on their alignment with core academic subject requirements, providing a clear comparison of how each state performs against established standards for quality, rigor, and student outcomes.

Please Help Us Take Action

We have provided form letters and contact information so you can reach out directly to the appropriate agencies and officials.

Please take a few minutes to help protect our children’s privacy and ensure students are not asked to complete classroom activities that expose Social Security numbers, birthdates, home addresses, or other sensitive personal information.

Your voice can help push for immediate corrective action before more students are put at risk.

State Standards PII Risk

Arkansas

  • Commissioner of Education: Jacob Oliva Email: Jacob.Oliva@ade.arkansas.gov
  • Attorney General: Tim Griffin Contact: Use the form at: https://arkansasag.gov/contact-us/
  • State Board of Education Chair: Adrienne Woods Email: Adrienne.Woods@ade.arkansas.gov
  • Student Data Privacy: Arkansas Dept of Education – Data Privacy Best Contact: Use https://ade.arkansas.gov/ (no direct public email listed)

Mississippi

New York

Pennsylvania

South Carolina

Tennessee

Virginia

Washington

Attention:

[Person Name], [Title]
[Person Name], [Title]
[Person Name], [Title]

Dear [State Education Leaders],

On behalf of the National Financial Educators Council Advisory Board, we are writing to bring attention to an urgent student privacy, compliance, and data-security concern identified in financial education standards being implemented in K-12 schools.

The National Financial Educators Council (NFEC) recently completed a national analysis examining privacy, compliance, and data-security risks tied to financial education standards across the United States. During this review, NFEC identified financial education standards within [State Name] that require or direct students to complete activities involving sensitive financial, employment, or tax-related documents as part of classroom instruction.

Examples identified in the review include:

[INSERT STATE-SPECIFIC STANDARDS LANGUAGE HERE pull from https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/]

We strongly support practical financial education and believe students should be prepared for real-world financial responsibilities. However, these activities may involve sensitive personally identifiable information, including Social Security numbers, birthdates, home addresses, wage information, tax-related information, and other personal financial data.

The review found limited guidance related to:

  • student privacy safeguards
  • secure document handling procedures
  • cybersecurity awareness
  • educator compliance training
  • use of hypothetical or fictional student data
  • prevention of unauthorized disclosure of sensitive information

Potential implementation risks may include:

  • unsecured digital sharing of forms
  • improper storage or disposal of records
  • classroom exposure of sensitive information
  • third-party platform collection of student data
  • inconsistent educator handling procedures

This is an urgent matter involving student privacy, identity theft risk, and protection of sensitive personally identifiable information.

We respectfully request that your office review these standards and provide information on any corrective action, additional safeguards, educator training requirements, or implementation guidance that will be put in place to reduce privacy, identity theft, compliance, and data-security risks before additional students are exposed to these classroom requirements.

The full national analysis and state-by-state review are available here:
https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/

Please let us know how the NFEC Advisory Board and United for Financial Literacy Advocacy Committee may support your office in reviewing, investigating, or addressing these potential risks. We would welcome the opportunity to provide additional information or assistance that may help protect students, families, and youth from unnecessary exposure to privacy, identity theft, compliance, and data-security concerns.

Thank you for your time and for your continued efforts supporting students and educational quality within [STATE NAME].

Sincerely,

Attention:

Attorney General [Last Name]
Consumer Protection Division
Privacy / Data Security Division

Dear Attorney General [Last Name],

On behalf of the National Financial Educators Council Advisory Board, we are writing to bring attention to an urgent student privacy, consumer protection, and data-security concern involving financial education standards being implemented in K-12 schools.

The National Financial Educators Council (NFEC) recently completed a national analysis examining privacy, compliance, consumer protection, and data-security risks tied to financial education standards across the United States. During this review, NFEC identified financial education standards within that require or direct students to complete activities involving sensitive financial, employment, or tax-related documents as part of classroom instruction.

Examples identified in the review include:

[INSERT STATE-SPECIFIC STANDARDS LANGUAGE HERE pull from https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/]

We strongly support practical financial education and believe students should be prepared for real-world financial responsibilities. However, these activities may involve sensitive personally identifiable information, including Social Security numbers, birthdates, home addresses, wage information, tax-related information, and other personal financial data.

The review found limited guidance related to:

  • consumer privacy and student data-protection safeguards
  • secure document handling procedures
  • cybersecurity awareness
  • training related to privacy compliance and secure handling of sensitive consumer information
  • use of hypothetical or fictional student data
  • prevention of unauthorized disclosure of sensitive information

Potential implementation risks may include:

  • unsecured digital sharing of forms
  • improper storage or disposal of records
  • classroom exposure of sensitive information
  • third-party platform collection of student data
  • inconsistent educator handling procedures

Because these instructional activities may involve sensitive consumer and financial information connected to minors and students, we believe this issue raises important concerns related to identity theft risk, fraud prevention, consumer protection, privacy safeguards, and data-security practices within educational settings.

This is an urgent matter involving student privacy, identity theft risk, and protection of sensitive personally identifiable information.

The full national analysis and state-by-state review are available here:
https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/

Please let us know how the NFEC Advisory Board may support your office in reviewing or investigating these potential risks. We would welcome the opportunity to provide additional information that may help protect students, families, and youth from unnecessary exposure to privacy, identity theft, compliance, and data-security risks associated with these classroom activities.

Thank you for your time and for your continued efforts protecting consumers, students, and families within [STATE NAME].

Sincerely,

State Legislation PII Risk

Florida and Colorado have financial education requirements in the legislation thut pur our students at risk for identity theft. While the other states have it in their standards – with CO & FL we will address it through their legislation.

Colorado financial literacy legislation wont be implemented until 2027 -2028.

Florida’s DOE is non compliant with the legislation – this is a good thing and kudos to FL DOE. But for safety, the legislation should be updated in case any changes occur in the future.

Colorado Contacts – Bill Sponsors

  • Rep. Anthony Hartsook (Republican) Primary House sponsor Email: Anthony.Hartsook@coleg.gov
  • Rep. Jennifer Bacon (Democrat) Primary House sponsor Email: Jennifer.Bacon@coleg.gov
  • Sen. Jeff Bridges (Democrat) Primary Senate sponsor Email: Jeff.Bridges@coleg.gov
  • Sen. Lisa Frizell (Republican) Primary Senate sponsor Email: Lisa.Frizell@coleg.gov

Florida Contact – Bill Sponsors still in office

Attention:

[Legislator Name], [Title]
[Committee / Office]

Dear [Legislator Name],

On behalf of the National Financial Educators Council Advisory Board, we are writing to bring attention to an urgent student privacy and data-security concern connected to financial education legislation in [State Name].

The National Financial Educators Council (NFEC) recently completed a national analysis examining privacy, compliance, and data-security risks tied to financial education standards and legislation being implemented in K-12 schools across the United States. During this review, NFEC identified language in [State Name] legislation that requires or directs students to complete activities involving sensitive financial, employment, tax-related, student aid, or loan documents as part of financial education instruction.

Examples identified in the review include:

[INSERT STATE-SPECIFIC STANDARDS LANGUAGE HERE pull from https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/]

We strongly support practical financial education and appreciate efforts to better prepare students for real-world financial decisions. However, legislation that directs students to complete documents involving Social Security numbers, birthdates, home addresses, wage information, tax-related information, employment records, student aid information, loan applications, or other sensitive personal data can create serious privacy, identity theft, compliance, and data-security risks if proper safeguards are not clearly required.

Our concern is not with teaching students how these forms work. Students should absolutely understand employment forms, tax documents, student aid processes, credit, loans, and other real-world financial systems. The concern is that legislative language should make clear that these activities must be completed using fictional profiles, redacted documents, sample data, or other safeguards that prevent students from entering real personally identifiable information.

The review found limited or no clear legislative guidance related to:

  • student privacy safeguards
  • use of hypothetical or fictional student data
  • secure document handling procedures
  • educator compliance training
  • cybersecurity awareness
  • prevention of unauthorized disclosure of sensitive information
  • data retention, storage, and disposal requirements

Potential implementation risks may include:

  • students entering real Social Security numbers, birthdates, addresses, or financial information
  • teachers collecting completed forms containing sensitive student data
  • unsecured digital sharing or uploading of forms
  • improper storage or disposal of records
  • classroom exposure of sensitive information
  • third-party platform collection of student data
  • inconsistent handling procedures across schools and districts

This is an urgent matter involving student privacy, identity theft risk, and protection of sensitive personally identifiable information.

We respectfully request that your office review the legislative language and consider corrective action, amendment language, implementation guidance, or clarification that ensures students are not asked to enter real personal data as part of classroom financial education activities.

Recommended corrective language may include requiring that any activity involving financial, employment, tax, student aid, loan, or similar documents be completed using fictional data, sample profiles, redacted forms, or other privacy-protective instructional materials.

The full national analysis and state-by-state review are available here:
https://www.financialeducatorscouncil.org/financial-education-privacy-compliance-standards/

Please let us know how the NFEC Advisory Board may support your office in reviewing or addressing these risks. We would welcome the opportunity to provide additional information, suggested safeguard language, or examples of privacy-protective standards that allow students to learn these important concepts without exposing their identities.

Thank you for your time and for your continued efforts to improve financial education for students in [State Name]. We share the goal of preparing students for real-world financial decisions, and we believe that goal can be achieved while also protecting student privacy and reducing preventable identity theft risk.

Sincerely,