Important Information Regarding Third Party Resources

It has become quite common to read articles in The Chronicle of Higher Education or hear news stories about security breaches at colleges and universities around the country. While MU has been fortunate thus far, this is an issue the campus takes very seriously.

Faculty members have access to federally-protected information covered under the Family Educational Rights and Privacy Act (FERPA), which protects certain types of information about students, past and present. Simply disclosing the fact that a particular student is enrolled in a course could violate students’ legal rights and put the faculty member – and the university – at risk of legal action. Worse, it could compromise the safety of the student; there are cases where stalkers have creatively used enrollment information to terrorize their victims.

One way in which problems of this nature may occur is in the use of third parties to provide services. Examples include book publishers who offer online activities for students, course management software companies, online admissions processing companies, popular “blogging” or discussion board sites, etc. To guard against illegal activity and to protect privacy, it is important that MU use systems and services already approved and available from centrally-supported MU departments or, that we develop contracts that ensure vendors are aware of and responsible for meeting our data privacy requirements.

All applications and services that utilize student records need extra attention to comply with federal law and to protect sensitive information. Please utilize the resources available through Division of IT, the Registrar’s office or ET@MO before engaging in such activities (contractual or informal) with a third party for any student related service.

Tips

Use existing MU services and infrastructure that are provided by the appropriate units; don’t agree to have your student data (names, grades, discussion boards, student projects, etc.) stored outside of MU’s control
Talk with Division of IT and ET@MO about specific needs you have which are not currently available and/or supported by MU
Protect your students’ privacy; don’t share information about students with a third party (See FERPA guidelines for exceptions)
Keep your electronic devices (laptops, desktops, servers, PDA’s, etc.) secure, don’t leave devices where they could be stolen and hacked off site.
Keep your own PawPrint password safe; don’t share it with peers, TA’s
Consult with MU Administrative Services regarding contracts that involve sensitive FERPA-related information