It is important to be reminded of the SIUC policy on Release of Student
Information. The Federal Educational Rights and Privacy Act (FERPA) and
University policy mandates that you protect the student information provided
to you via SIS access, as well as via other sources, from third-party
disclosure. The following guidelines will help you toward that aim:
A. Do not release any student information to a third party if the
student's SIS record is flagged as PRIVATE. (If asked about a
particular such student, it is appropriate to respond with "we
have no information on that person.")
B. Do not release student information that is not considered
"directory information".
* What is "directory information" on SIS?
- name
- home & local address/phone and e-mail
- current & past term status (full or part time)
- classification (Fr, So, etc.)
- academic unit and major
- dates of attendance
- degrees & honors earned (and dates)
- the most recent school attended prior to SIUC
- birthdate
* What is not "directory information" on SIS?
- Social Security number (SSN) or other student ID number
- PIN number for SalukiNet access
- gender
- ethnicity
- religion
- test scores
- class schedule
- grades & GPA
- most everything else!
C. Even "directory information" may not necessarily be released if the
release of that information would violate federal and/or state
regulations. For example, a business or financial institution that
issues credit or debit cards is prohibited from receiving personal
identifying information for students under 21 years of age (as per
the Southern Illinois University Management Act).
D. Do not release grades or student schedules, not even to parents,
friends, or spouses of students. If a request for the class location
or schedule of a student is the result of an emergency, then refer the
request to the Public Safety Department.
E. Do not post student grades using Social Security/student ID numbers or
such that individual identity is revealed to others.
F. Memorize your computer account passwords; if you must write them down,
do not store written passwords in an unlocked desk or anywhere near
your computer monitor where others can find them. Do not give your
passwords to others to use.
G. Position your computer monitor away from the view of others who may
enter your work area. If necessary, cover your monitor with a privacy
filter that will allow viewing of the display only from directly in
front of the monitor.
H. Do not leave your computer unattended when logged on to SIS or other
SIS-related systems such as SalukiNet and IQuest (unless you are using
a password-protected screen saver).
I. Carefully shred all printed student information documents that are no
longer needed, especially those that contain the student's name and
SSN together. Lock up any such documents that are still needed.
J. Do not leave printed student information documents in view of others
who may enter your office or workstation area. (Realize that certain
University employees will always have access to your work area even
after normal business hours.)
K. Properly dispose of electronic files that contain student information
that are no longer needed, especially those that contain the student's
name and SSN together. Secure any such files that are still needed.
L. Simply deleting electronic files from your computer's hard drive or
from a removable medium (such as a floppy disk) is not to be considered
as proper disposal, because such files are still actually present until
the storage space used by them is overwritten with other data. If you
need help in doing this, contact your departmental technical support
staff or LAN administrator, or else Information Technology.
M. The sharing of student information via e-mail (or other electronic
transmission methods) should be done with care, particularly with
regard to non-directory information. Unencrypted e-mail should not
be considered as private communication, since it has the potential to
be intercepted during transit. Do not send both student name and SSN
together via unencrypted e-mail or non-secured file transfer methods.
N. The Personal Information Protection Act state law that went into effect
in 2006 requires notification to any affected Illinois residents whose
personal information (defined as name and SSN together) is breached. A
University policy concerning this law has been created and is available
at www.siuc.edu/~policies/policies/prsnlinfoprotectionact.htm.
Student information may be released to other University employees, but only
on a "need-to-know for performance of duties" basis where the person has a
"legitimate educational interest" in the student information. The full text
of the University policy on Release of Student Information is available at
www.siu.edu/~docedit/policies/rlseinfo.html.
SIS access is granted to users for the specific job they are performing at
the time of application. When a person moves to another position, the SIS
access gained in the original position must be revoked. New application for
SIS access on the basis of the new position is then required. SIS access is
administered by the Office of Records and Registration.
*** Last update 03/15/2007 (mh) ***
|
Comments: Webmaster Copyright © 2007, Board of Trustees, Southern Illinois University |