4.8.2 Student Privacy Procedure

Federal Requirement 4.8. Distance and Correspondence Education

An institution that offers distance or correspondence education documents each of the following:


4.8.2. Student Privacy Procedure

An institution that offers distance or correspondence education has a written procedure for protecting the privacy of students enrolled in distance and correspondence education courses or programs.

Compliance Partial Compliance Non-compliance

NARRATIVE

Recognizing that unauthorized access to personal information is a growing problem throughout the world, the University of South Florida Sarasota-Manatee (USF Sarasota-Manatee) takes steps to ensure that the institution is protecting the privacy of students enrolled in distance and correspondence education courses or programs.

USF Policy 0-515, Protection of Electronic Personal Information, defines personal identity information as “information stored on electronic media which individually identifies someone in a manner which enables identity theft or fraud. Such information includes social security number, driver’s license number, Florida Identification Card number, date of birth, and personal financial information.” It does not include publicly available information that is lawfully available to the general public from federal, state, or local government records or widely distributed media.

USF Policy 0-515 restricts the collection and access of personal identity to that needed for official University business. The Division of Information Technology, a USF System resource, maintains storage. The data custodians and the Office of Information Security monitor access controls. USF Policy 0-515 specifies additional requirements: for example, processes for obtaining approvals for storing personal identity information in the University’s authorized technology systems and mobile devices, transferring personal identity information between approved technology systems for University business purposes, and handling incidents when personal identity information is compromised.

At USF Sarasota-Manatee, the Registrar has been delegated the responsibility of ensuring that information from educational records is released only to individuals and agencies that have a legitimate educational interest or have been granted legally authorized access. To increase USF Sarasota-Manatee employees’ awareness of the federal requirements under the Family Educational Rights and Privacy Act (FERPA) and their responsibility to protect student data, the Registrar offers an Online FERPA Tutorial, which includes information on the purpose of FERPA and the rights afforded to students. The tutorial also provides links to additional information on Privacy Requests and the Student Records Management Manual. With the Privacy Request Form, students can control their level of privacy or disclosure of directory information.
USF Sarasota-Manatee also recognizes that distance education students have unique needs in terms of protecting their personal identity information and has established procedures for these situations. For example, USF Testing Services provides proctoring services for distance education classes and has established Procedures for Protecting the Privacy of Students Using USF Testing Services. The procedures include a requirement that employees who administer and proctor tests sign the Confidentiality Agreement for USF System Testing Services.

USF Sarasota-Manatee does not have contractual agreements for the delivery of distance education courses or services with any vendors. Additional information on distance learning programs is provided in Comprehensive Standard 3.13.4a (Policy Compliance).

 

SUPPORTING DOCUMENTATION & EVIDENCE

Leave a Reply