No./Title: EM100 – ANNUAL COMPREHENSIVE
FERPA NOTICE FOR STUDENTS
Resp. Office: REGISTRAR
Approval Body: CASA
Effective Date: 07/01/2014
Last Review: 07/06/2021
Next Review: 07/06/2024
Contact: University Registrar
The American Association of Collegiate Registrars and Admissions Offices maintains an excellent website of FERPA information https://www.aacrao.org/resources/ferpa. For questions about FERPA, contact the Office of the University Registrar at firstname.lastname@example.org or by calling 901-448-
Restrict Release of Directory Information Form is available at: https://www.uthsc.edu/registrar/documents/restrict-release-of-directory-information-form.pdf
A paper copy will be provided upon request.
Pursuant to the Family Educational Rights and Privacy Act (FERPA) and the UTHSC Confidentiality and Disclosure of Student Records Policy, this notice is for students, faculty, and staff to advise that the following student information is directory information subject to disclosure by the University upon request: name; email address (university-supplied); classification; full-time or part-time status; major field of study; dates of attendance; degrees and awards received; photographic, video, or electronic images and / or voice of students taken and maintained by the university; and most recent previous educational institution attended.
FREQUENTLY ASKED QUESTIONS ABOUT FERPA
What is FERPA?
FERPA is an acronym for the Family Educational Rights and Privacy Act of 1974, also known as the Buckley Amendment. This federal enactment establishes the legal parameters governing access to and release of student educational records.
Who is required to comply with the standards set forth in FERPA?
Any educational institution or educational administrative service that receives funds from the United States Secretary of Education must comply with the terms set forth in FERPA.
What does FERPA require of colleges and universities?
The Act encompasses six basic requirements of colleges and universities.
- Students must be annually notified of their FERPA rights.
- Students must be allowed to review their education records.
- Students must be allowed to request to amend their education records, with limited exceptions.
- Students must be allowed to limit disclosure of personally identifiable information contained in their education records.
- The college or university must undertake reasonable efforts to ensure that third parties do not re-disclose personally identifiable information and that the information is utilized by third parties only for its intended purpose.
- Records must be maintained of requests for and disclosure of student education records.
What are the consequences of non-compliance with FERPA requirements?
The consequences of non-compliance with FERPA requirements are serious. The Department of Education may cite the offending institution with official notice to cease the practice of non- compliance, and all funds administered by the Secretary of Education could be withheld from the institution.
Who has FERPA rights?
According to the law, a person becomes a student and has FERPA rights when they are “in attendance” at an institution. At UTHSC, we define a “student in attendance” as someone currently or previously enrolled in any academic program offering. This does not include prospective students or applicants to any UTHSC academic program. Students in attendance include attendance in person, via distance education or remotely by videoconference, satellite, Internet, other electronic telecommunication technologies, and individuals who are auditing course(s) and taking continuing education classes. FERPA becomes effective on the term of the first day of classes for those newly matriculating students who have scheduled at least one course. A newly admitted student who accepts an admissions offer but does not schedule at least one course and does not matriculate, or a newly admitted student who cancels his/her registration either before or after the semester begins, is not covered by FERPA. A student’s FERPA rights only expire upon the death of the student.
What are “education records”?
FERPA defines education records as any record that directly relates to a student and is maintained by an educational agency or a party acting on behalf of the institution. Examples of education records include, but are not limited to
- Degree Audit Reports
- Schedules of Classes
- Class Rolls
- Academic History Reports
- Grade Rolls
- Financial Records
The following items are NOT education records, as defined by FERPA
- Sole possession records (records kept in the sole possession of the maker, used as a personal memory aid and not revealed to others)
- Law enforcement records
- Employment records, provided the employment is not contingent upon being a student.
- Medical, psychological, counseling, or mental health records, that are maintained for treatment purposes
- Peer-graded papers, before they are collected and recorded by the instructor
- Post Attendance, education records created or received by the educational institution after the individual is no longer in attendance
- Education records, not directly related to the individual’s attendance as a student
Who may have access to personally identifiable education records?
FERPA allows University officials and officials of agencies acting on behalf of the university with “legitimate educational interest” to access personally identifiable education records. A University official is a person employed by the University in an administrative, supervisory, academic or research, or support staff position (including law enforcement unit personnel and health staff); contractors, consultants, volunteers and other outside parties to whom the institution has outsourced institutional services or functions instead of using University employees or officials (such as an attorney, auditor, or collection agent); a person serving on the Board of Trustees; or a student serving on an official committee, such as a disciplinary or grievance committee, or assisting another school official in performing his or her tasks.
What is directory information?
Directory information is information about a student that is not generally considered harmful if disclosed. Directory information may be disclosed UNLESS the student has invoked the FERPA right to limit disclosure of that information.
- Email address (university-supplied)
- Most recent previous educational institution attended
- Graduate or Undergraduate level (full or part-time)
- Full-time or Part-time status
- Major Field of Study
- Dates of Attendance
- Degrees and Awards
- Participation in Officially Recognized Activities
- Photographic, video, or electronic images and / or voice of students taken and maintained by the university
What is NOT directory information?
All non-directory information the university maintains about a particular student, including such information as
- Social security number
- Term and cumulative GPAs
- Student schedule
- Academic history
- Academic standing
Are UTHSC students notified about FERPA rights?
UTHSC students are informed each semester about their FERPA rights. Updates are also posted at https://www.uthsc.edu/registrar/documents/ferpa-faculty-and-students-notice.pdf
How do students invoke their rights to limit the disclosure of directory information?
Students wishing limited disclosure may submit a request with the University Registrar. We will suppress your directory information in the UTHSC Directory, and will exclude the directory information by contacting the IT department and notifying the Banner Student Information System that you have restricted release of public or student directory information without written consent. Students who have questions may visit the Office of the Registrar, 910 Madison Ave, Suite 520 or contact us at 901-448-5568 or email@example.com. The Restrict Release of Directory Information Form is available at: https://www.uthsc.edu/registrar/documents/restrict-release-of-directory-information-form.pdf
A paper copy will be provided upon request.
FERPA permits the University to disclose directory information without a student’s consent unless a student, prior to the 14th calendar day after the term begins, notifies the Office of the Registrar in writing of his or her desire to restrict directory information from being published.
If students opt out of the release of directory information, how will this impact inclusion in the University Commencement Program and UTHSC marketing and communication materials?
By opting out of directory information, the University will not include or use the student’s photo, image, and/or voice in any and all University of Tennessee Health Science Center and/or University of Tennessee newsletters, articles, news releases, brochures or other communications and marketing materials. During the first day of classes for the term in which the student plans to graduate, the student MUST file a written request with the Registrar’s Office to have his or her name included in the official Commencement Program.
May faculty members post the grades of their students?
Grades MAY NOT be publicly posted by student names, by Student ID numbers, by Social Security Numbers, or by any other personally identifiable means. Public posting includes printed lists or Web sites. Grades are posted in the Learning Management System (LMS) and the Student Information System (SIS). Each system requires the authentication of the user to view grades.
What may faculty members include in their letters of recommendation for students?
Recommendations that are made by personal observation or knowledge do not require a student’s written permission. If personally identifiable information from a student’s education record, such as grades or GPAs, is included, a signed release from the student is required. The release must:
- Specify the records that may be disclosed;
- State the purpose of disclosure;
- Identify the party or class of parties to which disclosure may be made;
- Be signed and dated by the student.
Can UTHSC verify the authenticity of my educational records?
UTHSC may attempt to confirm the authenticity of a transcript, letter of recommendation, or other record by sending the suspicious record back to the school official from whom the record supposedly originated. The school official may confirm or deny that the record is authentic and, if it is not authentic, the school official may send the correct record. The institution is not required to notify the student that the institution suspects a document is fraudulent.
In the event of a health or safety emergency, can the school disclose information to my parents?
Yes. If a health emergency involves their child, UTHSC is permitted to disclose information from education records to parents. However, the disclosure of the information is limited to what is deemed necessary to manage the emergency situation.
If a student is in violation of alcohol consumption and controlled substance rules can parents be informed?
Yes. If a student is under the age of 21, UTHSC is permitted to inform parents of any violation of law or policy concerning the possession of alcohol or controlled substances.
Can law enforcement unit records be disclosed to my parents?
Law enforcement unit records can be disclosed to anyone including parents, federal, state and local law authorities WITHOUT the consent of the student. UTHSC has its own campus police unit, as do many colleges and universities. Any records maintained by these units are exempt from privacy restrictions of FERPA.
Can UTHSC disclose information to parents of dependent students?
Under FERPA, UTHSC may disclose any and all information to parents who have students that
are dependent for tax purposes or if students voluntarily provide a waiver consenting to release of information WITHOUT their consent.
FERPA and parents of dependent students
A “dependent student” means a child under the age of 23 who is a student and who is claimed by a parent as a dependent of the parent on the parents’ Federal Income Tax Form (104). FERPA allows the disclosure of non-directory information about the student to the parent if the institution can establish the dependency status of the student.
- The parent(s) should make their request in writing, indicating the particular records requested and declaring specifically that the student is the requestor(s)’s dependent.
- The institution must ask for the Federal Income Tax Form filed by the parents for the most recent tax year. The institution is not entitled to maintain a copy of that federal tax form; so verification is made and noted on the written request for records and the tax forms are returned to the parent(s).
- Since FERPA rights belong to the eligible student, the institution should notify the student that his or her parent(s) have asked to review records. Like the advice that is mailed out upon receipt of a subpoena for records, the institution should instruct students that records will be provided to their parents for review on a particular date. If a student responds that he or she does not want the records shared with his or her parent(s), the institution should refer the parent(s) back to the student. At this point, in order to provide access to the student’s records, a prior, written consent is required from the student.
Of course, the problem may arise when students indicate that they do not wish the institution to share records with their parent(s). Because the student is an adult and guaranteed full rights under FERPA, the recommendation in this case is that the institution refer the parent(s) back to the student. Our effective, non-emotional approach is to provide the parent(s) with a copy of our Annual Notification and explain that the privacy of student records is governed by federal regulations that guarantee students certain rights.
What are possible federal and state data collection and uses?
As of January 3, 2012, the U.S. Department of Education’s FERPA regulations expand the circumstances under which education records and personally identifiable information (PII) contained in such records – including Social Security Number, grades, or other private information – may be accessed without student consent. First, the U.S. Comptroller General, the U.S. Attorney General, the U.S. Secretary of Education, or state and local education authorities (“Federal and State Authorities”) may allow access to student records and PII without student consent to any third party designated by a Federal or State Authority to evaluate a federal – or state – supported education program. The evaluation may relate to any program that is “principally engaged in the provision of education,” such as early childhood education and job training, as well as any program that is administered by an education agency
or institution. Second, Federal and State Authorities may allow access to education records and PII without student consent to researchers performing certain types of studies, in certain cases even when we object to or do not request such research. Federal and State Authorities must obtain certain use-restriction and data security promises from the entities that they authorize to receive PII, but the Authorities need not maintain direct control over such entities. In addition, in connection with Statewide Longitudinal Data Systems, State Authorities may collect, compile, permanently retain, and share without student consent PII from education records, and they may track participation in education and other programs by linking such PII to other personal information that they obtain from other Federal or State data sources, including workforce development, unemployment insurance, child welfare, juvenile justice, military service, and migrant student records systems.
Where can I find more information about FERPA?
The American Association of Collegiate Registrars and Admissions Offices maintains an excellent web site of FERPA information https://www.aacrao.org/resources/ferpa
For questions about FERPA, contact the Office of the University Registrar at firstname.lastname@example.org or by calling 901-448-5568.
What is the complaint procedure?
A complaint must contain specific allegations of fact giving reasonable cause to believe that a violation of the Act has occurred.
The Office investigates each timely complaint to determine whether the educational agency or institution has failed to comply with the provisions of the Act.
A timely complaint is defined as an allegation of a violation of the Act that is submitted to the Office within 180 days of the date of the alleged violation or of the date that the complainant knew or reasonably should have known of the alleged violation.
The Office may extend the time limit for good cause shown.
If I want to file a FERPA complaint, who do I contact?
UTHSC FERPA Compliance Officer
The Registrar serves as the UTHSC FERPA Compliance Officer and investigates possible FERPA violations and misconduct on campus. If you believe your FERPA rights have been violated or there has been a failure to comply with FERPA at UTHSC, please contact:
- The UTHSC Registrar’s Office at 901-448-5568 or email@example.com
- Location: 910 Madison Avenue, Suite 520 Memphis, TN 38163
Federal FERPA Compliance Office
An eligible student may file a written complaint with the Family Policy Compliance Office
(FPCO) regarding an alleged violation under the Act. The name and address of the Office that administers FERPA is:
Family Policy Compliance Office
U.S. Department of Education 400 Maryland Avenue, SW Washington, DC 20202-5901
The Office of the Registrar will provide a paper copy of any or all FERPA requirements upon request.
Effective: July 1, 2014
Revision: May 1, 2016, Committee on Academic and Student Affairs (CASA) Revised: May 15, 2018, CASA
Chancellor Approved: May 23, 2018
Reviewed: July 6, 2021, CASA
Approved: July 6, 2021, Chief Academic Officer