PRIVACY OF STUDENT RECORDS AND FERPA
Protection of Personally Identifiable Information (PII): The School employs office procedures and password-protected computer systems to ensure the security of paper and electronic records. The School does not disclose specifics of its internal security procedures to students or the general public to protect the effectiveness of those procedures.
Access to social security numbers and other Personally Identifiable Information (PII) is strictly limited to those School Officials (see definition below) with a need-to-know. Each vice president is responsible for enforcement of this policy with regard to the information within his/her functional area. The Vice President for Institutional Effectiveness will be responsible for overall control of information release and will resolve any disagreements and make final decisions, in collaboration with other School administrators, as necessary in accordance with this Policy.
School Official: A “School Official” is a person employed by the School in an administrative, supervisory, academic, research, or support staff position; a person or company with whom the School has contracted (such as an attorney, auditor or accrediting agency); a person serving on the Board of Directors; or a student serving in an official position/capacity, or assisting a School Official in performing his/ her tasks.
A School Official can access a student’s record when and if the School Official has a legitimate educational interest in order to fulfill his/her professional responsibility (need-to-know). Such access does not constitute authorization to share that information with a third party without the student’s written consent.
Financial Aid Information: Certain information necessary for the administration of Federal Student Aid may be released to federal and state agencies, government contractors, student loan providers/servicers, and other parties.
Directory Information: School Officials may not disclose personally identifiable information about a student nor permit inspection of student records without the student’s written permission, unless such action is covered by certain exceptions permitted by FERPA. Under the provisions of the Act, the School may disclose information about a student if it has designated that the information is “Directory Information”. Colgate Rochester Crozer Divinity School has designated the following as Directory Information:
- student’s name,
- student’s address,
- student’s telephone number,
- student’s e-mail,
- ID pictures,
- major field of study,
- participation in officially recognized activities and sports,
- dates of attendance,
- grade level or enrollment status (e.g., full-time or part-time), and
- awards, honors, degrees conferred including dates.
The school will honor requests from students who seek a higher level of privacy by not disclosing Directory Information (upon written request by the student to the Registrar’s Office). Directory information will continue to be withheld until the student rescinds the request.
Students’ Rights under FERPA
Students have certain specific rights under FERPA, as follows:
Right to Review Educational Records: FERPA affords students certain rights with respect to their educational records. Students have the right to review their educational records within 45 days of the day the School receives a written request for access. Students requesting a review should submit to the Registrar a written request that identifies the record(s) they wish to inspect. The Registrar will notify the student of the time and place where the records may be inspected. If the records are not maintained in the office of the Registrar, the student will be advised of the correct official to whom the request should be addressed.
Right to Request an Amendment: Students have the right to request an amendment to educational records that are believed to be inaccurate. Students requesting a change must write to the staff member responsible for the record, clearly identify the part of the record they want changed, and specify why it is inaccurate. If Colgate Rochester Crozer Divinity School decides not to amend the record as requested by the student, the School will notify the student of the decision and advise the student of his or her right to a hearing regarding the request for amendment. Additional information regarding the hearing procedures will be provided to the student when notified of the right to a hearing.
Right to Consent to Disclosures: Students have the right to consent to disclosures of personally identifiable information contained in the student’s educational records, except to the extent that FERPA authorizes disclosure without consent. Disclosure without consent is permitted to law enforcement agencies or emergency services agencies in the performance of their duties or when student safety may be in jeopardy. Students wishing to provide a general release of information to a specific person or persons may complete a FERPA Release Form and submit it to the Registrar. Students requesting a higher level of privacy should also contact the Registrar.
Right to File Complaint: Students have the right to file a complaint with the U.S. Department of Education concerning alleged failures by Colgate Rochester Crozer Divinity School to comply with the requirements of FERPA. The name and address of the office that administers FERPA is:
Family Policy Compliance Office
U.S. Department of Education
400 Maryland Avenue, SW
Washington, DC 20202
Employee Policies: All employees are strictly enjoined to protect the personal information of students, including adherence to the following:
- Student PII shall not be removed from the premises or transported to other sites except with specific permission of the President. This includes not only paper documents but also student PII in laptop files or other forms of electronic media/storage.
- Employees shall utilize secure (complex) passwords for all electronic systems, and shall not store printed or written notes of passwords in their desk or work area.
- Employees shall not leave any documents or folders containing PII in any public areas of the campus, nor shall they leave such documents unattended within an unlocked office.
- Employees shall follow appropriate disposal practices to properly and securely dispose of physical and electronic sensitive information in a reasonable amount of time as such information is no longer needed.