200 likes | 349 Vues
Family Educational Rights and Privacy Act (FERPA) Overview. Mary Beth Myers Registrar, IUPUI mbmyers@iupui.edu November 9, 2011. BACKGROUND . Formerly called the Privacy Rights of Parents and Students. Commonly referred to as the Buckley Amendment after Sen. James Buckley (NY).
E N D
Family Educational Rights and Privacy Act (FERPA) Overview Mary Beth Myers Registrar, IUPUI mbmyers@iupui.edu November 9, 2011
BACKGROUND • Formerly called the Privacy Rights of Parents and Students. • Commonly referred to as the Buckley Amendment after Sen. James Buckley (NY). • Passed in 1974, amended in 1988, 1996, 1998, 2001, 2009. • Primarily provides students with access to their education records as well as privacy protection concerning release of those records. • All “educational agencies and institutions that receive funds under an applicable program administered by the Department of Education” must comply. • IU Release of Student Information Policy is derived from FERPA and must be at least as strict as the federal regulation.
REQUIREMENTS of INSTITUTION • To provide a student access to his/her education records (within 45 days of request). • To permit a student to challenge and possibly amend those records (University official so designated) • To obtain student written consent before releasing private information (unless covered by Exception). • To notify students of these rights at least annually (Website, email notice each term highlighting with link)
FERPA DEFINITIONS • Directory/public information: information contained in the record which would not generally be considered harmful or an invasion of privacy if disclosed (i.e., name, address, phone number, major, dates of attendance, admission, or enrollment status, campus, school, class standing, degrees and awards, activities, sports). • Personally identifiable/private information: information contained in the record which would generally be considered more sensitive or an invasion of privacy if disclosed (i.e., student identification number/social security number, grades, hours completed, GPA, current class schedule, parent name and address). At IU, this includes date of birth.
FERPA DEFINITIONS (cont.) • Eligible student:a student who has reached 18 years of age OR is attending an institution of postsecondary education and all former students. • Education Records:are directly related to a student and maintained by an institution or its agent • Education Records are NOT: • sole possession (lap drawer notes) • law enforcement unit records • employment records • medical records
Name Address & Phone (not at IUPUI) IU email Campus School of Division Class Standing Major Field of Study Dates of Attendance Admission or Enrollment Status Degrees and Awards Sports, Activities & Athletic Information PUBLIC INFORMATION AT IU
Restraint of Public Disclosure • Students who do not want all or some of the public information released to third parties may complete and submit a restriction form to the Registrar. • This restriction could also block information from appearing in the on-line address book or to classmates in Oncourse. • To remove the restraint, student would complete a removal form and submit it to the Registrar.
EXCEPTIONS Which the Institution “MAY” honor • “Legitimate educational interest/need to know” • school officials who need the information to perform their duties • faculty are considered advisors with legitimate educational need for their enrolled students, those seeking to enroll, or those they advise (IU Memo from Ken Gros Louis, May, 1999) • Parents of dependent students claimed with IRS • Copy of tax form required • Alternative is to encourage student to provide online Third Party Access to parents • “Lawfully issued” subpoenas • University Counsel review & student notification required • Subpoenas received should be forward to campus registrar
EXCEPTIONSWhich the institution “MAY” honor (cont.) • Various authorized government representatives • Audits or evaluation of education programs, • Compliance with Student & Exchange Visitor Information System – SEVIS • Solomon Amendment • Patriot Act, etc. • Health & Safety Emergency • Individual to whom the information is being disclosed must be in a position to address the situation (Police Dept, Psychological Services, etc.)
SCHOOL OFFICIALS • A person employed by the University in an administrative, supervisory, academic, research, or support position (including law enforcement personnel, health staff) • A person or company with whom the University has contracted (attorney, auditor, collection agent) • A person serving on the Board of Trustees • A student serving on an official committee (disciplinary, residency or grievance committees)or assisting another school official in performing his or her tasks.
Letters of Recommendation • Statements made from personal observation or knowledge do not require signed release • If personally identifiable information is obtained from student’s education record, writer required to obtain signed release • As part of education record, student has right to access unless student waives in writing
Primary Change in 2009 • Clarification on when and how information about students can be shared in an emergency. • New FERPA rules intended to help school officials respond to emergencies more quickly/effectively. • Regulations balance student privacy with school safety.
Health and Safety Exception • New 2009 FERPA • Totality of circumstances may be taken into account • Significant threat to student or others? May disclose to any person needing the information to protect. • Rational basis? Pass “Reasonableness” test? DOE will not substitute their judgment There has been much press about new FERPA CHANGES to the Health and Safety Exception. In reality, IU has historically followed the newly articulated process. New regulations intended to assist in clarifying and to clearly state DOE will not question institution decision given “reasonableness.”
Take Security Seriously Chronicle: August 21, 2007 More Than 100 Million Security Problems • The number of private records left open to identity thieves and others totaled 159,105,898 over the past three years, according to the Privacy Rights Clearinghouse, which updated the total this past weekend. • Many of these breaches happened at colleges and universities, which seem to have particular problems keeping private data private: Social Security numbers downloaded to unprotected laptop, laptop goes missing, etc. • Only the big problems make news. But a glance at the clearinghouse list for 2007 reveals how common the problem is in higher education. There were 53 breaches at colleges and universities through the middle of August, making them by far the biggest category of offenders. • But when is higher education going to get serious about safeguarding the private information of students, faculty, and staff?
Faculty “Don’ts” • Faculty should never post grades or scores by student identification number or even a portion of SSN (Note: Given new Indiana State Laws concerning SSN, this is even more critical for all Faculty to understand.) • Nothing in FERPA allows discussion of a student record publicly – even if lawsuit has made information matter of public record. • Graded materials may NOT be placed in an open area for student pick up. • Faculty may NOT pass “sign up” sheets around class requesting any student private information.
Tools and Resources • Office of the Registrar (4-1519) • Refer calls for directory information • Information on student FERPA restrictions • Guidance within Onestart/SIS • Website http://registrar.iupui.edu/confiden.html • Access, Confidentiality, Disclosure • FERPA Tutorial • Statement of Understanding
Tools and Resources (cont.) IU Release of Student Information Policy: http://ses.indiana.edu/polsAndProcs/releaseOfStudentInfo.cfm University Information Policy Office: http://informationpolicy.iu.edu/resources/safedata/laws.shtml
YOUR QUESTIONS…. • Can departments make public announcements of awards, scholarships, election to Phi Beta Kappa, etc. without consulting students? Can the information be sent by newsletter, email, etc? • Since IU has defined “Degrees and Awards” as part of our directory information we can make these public announcements as long as the student has not filed a restriction. We want to protect any student who has filed any type of restriction. (Grad School celebration example) • Can departments put instructors’ pictures on departmental websites automatically, or must permission be granted? • Not a FERPA issue unless that instructor is also a student. If a student, photograph has not been defined at IU as directory information so signed consent would be required.
Your Questions (cont.) • What can advisors tell and what must advisors NOT tell parents, instructors, and others requesting student information? What about background checks? • Advisors cannot tell parents and others who do not have legitimate education need any student information without student consent! Can only discuss with instructors if determined to have legitimate educational need. • “Third Party Access” currently available in SIS! • More and more e-mail messages are coming in from students that essentially require advising, in addition to phone calls and phone appointments. How can advisors and faculty be accommodating in these situations without violating FERPA? • FERPA requires that you not disclose private information to anyone other than the student (without signed consent). You need to be assured you are talking to that student. Ask questions from their record or from prior documented conversations until you are confident you are talking with the student in question.
Your Questions (cont.) If unsure……..DON’T DO IT!!!!