As schools expand their distance-learning programs, governing boards are scrambling to make sure campus policies are keeping pace with innovation and federal law. For example, compliance with the Family Educational Rights and Privacy Act (FERPA, passed 40 years ago, is a significant challenge in this age of online and distributed learning. Because FERPA deals with the release of private information, and because digital technology can turn private information into public information so quickly, the risks are substantial.
Here’s what every school needs to know about FERPA:
-
It protects the privacy of student records and specifies who can access those records.
-
It defines what information a school can and cannot disclose about its students.
-
It applies to all schools that receive federal funds.
-
Its violators risk possible civil lawsuits and the loss of federal money. In British Columbia, a similar law applies—the Personal Information Privacy Act (PIPA) of 2004. Elsewhere in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA), which was passed in 2000 and updated in 2004, applies to seminaries but is not so restrictive as U.S. law.
First things first
When it comes to FERPA, administrators and boards have two responsibilities: first, to bring school policy into alignment with the updated law; second, to educate school personnel on the revised policy, its applications, and the high price of noncompliance. Faculty need to know what they can and cannot post on their course websites; how they should respond to outsiders’ requests for class rosters; and how to authenticate the identification of students who connect online to discuss issues such as grades and class performance.
As a general rule, a school should exercise caution before reporting even the most basic facts about students. FERPA allows for the release of “directory information”— names, majors, degrees, etc.—but only if a student hasn’t filed an objection to the disclosure. The law requires schools to notify students annually of their rights and responsibilities under FERPA and explain the procedures for exercising those rights.
FERPA and the e-classroom
What happens in the online classroom may not stay in the online classroom. For that reason, faculty and administrators who work with distance learners need to understand FERPA’s restrictions and take care to avoid unintentional violations. This may heighten the challenge of building camaraderie among online students, but creative instructors have found ways to work within FERPA’s restrictions. Among the stipulations that the law imposes:
-
Students enrolled in an online class can see the names of their course classmates but cannot see other identification data.
-
Students may opt out of posting their coursework online in ways that are visible to classmates. In such cases, the professor and those students who are opting out must agree on alternate plans for meeting the course requirements.
-
Grades or evaluative notes should never be posted where other students or third parties can view them.
Special dos and don’ts for advisors
Conversations between students and their faculty advisors often include discussions about grades, career goals, internship experiences, requests for references, and other personal topics. To ensure privacy, school policies should include an added level of security for these online interactions. For example, advisors should respond only to students using institutional e-mail addresses. In addition, before entering into a private dialogue, faculty should ask questions with answers that only the student would know. Above all, the advising staff should be clear on the differences between public and private information. With federal funding and possible litigation on the line, an ounce of caution is a small price to pay.
A longer version of this article includes a more complete analysis and references. To view the longer version, see www.intrust.org/FERPA. |