College Policy on Student Privacy

BETA

  • Quick Nav
  • Terms
    • [Coming Soon]
    • Search
    Official Cornerstone College & Seminary campus banner | College Policy on Student Privacy

    College Policy on Student Privacy

    Purpose:
    The purpose of this policy is to outline the college’s commitment to protecting the privacy and confidentiality of student information. This policy ensures that all personal, academic, and financial information related to students is handled in compliance with applicable privacy laws, including the Family Educational Rights and Privacy Act (if applicable) (FERPA), and best practices for safeguarding sensitive data.

    Scope:
    This policy applies to all faculty, staff, administrators, contractors, and any other individuals who have access to student information. It covers all forms of student data, including but not limited to academic records, personal information, financial aid details, and communications between students and the college.

    1. Definition of Student Information

    Student information refers to any personally identifiable information (PII) and educational records that the college collects, maintains, or stores in relation to a student’s academic or personal life. This includes but is not limited to:

    • Academic records (transcripts, grades, course schedules)
    • Personal identification information (name, address, Social Security number, student ID)
    • Financial records (tuition payments, financial aid, scholarships)
    • Disciplinary records
    • Medical or counseling records maintained by the college (subject to applicable privacy laws such as HIPAA)
    • Communications between the student and the college (e.g., emails, advising notes)
    1. Compliance with FERPA
    • The college complies (when required by law) with the Family Educational Rights and Privacy Act (FERPA), which grants students specific rights regarding their education records, including the right to:
      • Inspect and review their educational records
      • Request amendments to their records if they believe there is inaccurate or misleading information
      • Provide written consent before the college discloses personally identifiable information from their records, except in cases where FERPA permits disclosure without consent (e.g., to school officials with legitimate educational interests)
    1. Disclosure of Student Information
    • Student information will not be disclosed to any third party without the student’s written consent, except in cases where FERPA or other applicable laws permit or require disclosure, such as:
      • To college officials with legitimate educational interests
      • In compliance with a judicial order or subpoena
      • In connection with a health or safety emergency
      • To parents or legal guardians if the student is a dependent for tax purposes
      • To financial aid institutions or agencies in relation to financial assistance
    • Directory information (e.g., name, major, enrollment status) may be disclosed without consent unless the student has opted out of such disclosures by submitting a written request to the Registrar’s Office.
    1. Access to Student Records
    • Access to student records is limited to authorized personnel who have a legitimate need to view the records for academic, administrative, or legal purposes.
    • Faculty and staff must access student information only to the extent necessary to perform their job functions and in accordance with this policy.
    • Students may access their own records by submitting a written request to the Registrar’s Office. The college will provide access to requested records within 45 days, as required by FERPA.
    1. Security and Safeguarding of Student Information
    • The college is committed to implementing appropriate administrative, technical, and physical safeguards to protect student information from unauthorized access, disclosure, alteration, or destruction.
    • All student information stored electronically must be protected by secure login credentials, encryption, and regularly updated security protocols. Data stored in paper form must be kept in locked and secure locations.
    • Faculty and staff must take steps to ensure that student information, whether in electronic or paper format, is not left unsecured or exposed to unauthorized individuals.
    1. Student Rights
    • Inspection and Review: Students have the right to inspect and review their educational records maintained by the college. Requests must be made in writing to the Registrar’s Office.
    • Request for Amendments: Students may request that the college correct records they believe to be inaccurate or misleading by submitting a formal request to the Registrar’s Office.
    • Control over Disclosures: Students have the right to control who has access to their education records by providing written consent, except in situations where FERPA allows for disclosure without consent.
    1. Opting Out of Directory Information
    • Students who wish to prevent the college from disclosing their directory information must submit a written request to the Registrar’s Office within the first two weeks of each academic year.
    • The college will honor this request and ensure that directory information is not released to third parties, including potential employers or media, without the student’s consent.
    1. Data Retention and Disposal
    • Student records will be retained for the duration specified by federal, state, or institutional retention policies. Once records are no longer required to be retained, they will be securely disposed of in a manner that prevents unauthorized access (e.g., shredding of paper records, deletion of electronic files).
    • Any disposal of student information must be conducted by authorized personnel.
    1. Third-Party Contractors
    • Any third-party contractors or service providers that are granted access to student information must adhere to the same privacy and confidentiality standards outlined in this policy.
    • The college will enter into contracts or agreements with third parties that outline the permissible use of student data, safeguarding requirements, and compliance with applicable privacy laws.
    1. Training and Awareness
    • All employees who have access to student records or personal information will receive training on the college’s student privacy policies, FERPA compliance, and best practices for safeguarding sensitive data.
    • Faculty and staff are responsible for understanding their obligations under this policy and FERPA and will be held accountable for any breaches of student privacy.
    1. Breach of Student Privacy
    • Any unauthorized access to or disclosure of student information must be reported immediately to the Office of Compliance and the IT Department if applicable. The college will take appropriate steps to investigate and mitigate any privacy breaches.
    • Violations of this policy may result in disciplinary action, up to and including termination of employment or expulsion, as well as possible legal consequences.
    1. Student Complaints
    • Students who believe their privacy rights have been violated may file a formal complaint with the Registrar’s Office or the Office of the President.
    1. Review and Updates
    • This policy will be reviewed annually by the Office of Compliance and the Registrar’s Office to ensure continued compliance with FERPA and other applicable privacy laws.
    • Any changes to this policy will be communicated to students, faculty, and staff through official channels.