4.8
An institution that offers distance or correspondence education documents each of the following:

 

4.8.2 Has a written procedure for protecting the privacy of students enrolled in distance and correspondence education courses or programs

Compliance Judgment:  In compliance

Narrative


East Carolina University (hereafter, ECU or the institution) has a written procedure for protecting the privacy of students enrolled in distance and correspondence courses or programs.  The institution’s FERPA Regulation includes the following: 

    5.4          Procedures for Protecting the Privacy of Students Enrolled in Distance or Correspondence Courses or Programs
 

5.4.1          East Carolina University recognizes the importance maintaining the privacy and security of student identity and student records in an environment of computer networked, digital records storage. ECU is diligent in protecting the security, confidentiality, integrity and availability of all student records including student identity. The University employs strict, standard security measures, policies, standards and guidelines in our ongoing effort to protect information resources, including student records. Student personal information is protected through a variety of measures, including the administration of policy and security practices that govern the PirateID and passphrase associated with accessing ECU’s OneStop Portal, the online system that houses student grades, Blackboard, Centra, and other services that support the educational process at ECU. Students are required to have a strong passphrase that is resistant to “hacking.” Students must reset their passphrase every 90 days and not reuse the account’s previous six passphrases. When students use their PirateID and passphrase to access information through OneStop and the university’s learning management systems, including Blackboard and Centra, their login credentials are encrypted for additional security. All mission-critical University systems, including student records, are maintained on network servers in the University’s enterprise data center. The enterprise data center employs state of the art layered security controls and physical access controls. Users of information systems are prohibited from accessing data or programs for which they are not authorized. 

 

ECU Faculty Manual

Faculty Manual: Part VI. Section IV.IA. Access to Student Educational Records

A. Access to Student Educational Records

The university administers student educational records in accordance with the provisions of the Family Educational Rights and Privacy Act, also known as the Buckley Amendment or FERPA. This regulation provides that the student has a right of access to student educational records maintained by the university or any department or unit within the university, subject to certain exceptions which are outlined in this regulation maintained. This regulation also protects the confidentiality of personally identifiable information in student records. Except to the extent allowed by applicable law, personally identifiable information contained in a student educational record will not be disclosed. A copy of this regulation is maintained by the University Registrar. All members of the campus community should be thoroughly familiar with this regulation and comply with its provisions.

Faculty Manual: Part VI. Section IV.IB. Privacy of Student Educational Records

O. Privacy of Student Educational Records

The university administers student educational records in accordance with the provisions of the Family Educational Rights and Privacy Act, also known as the Buckley Amendment or FERPA. This regulation provides that the student has a right of access to student educational records maintained by the university or any department or unit within the university, subject to certain exceptions which are outlined in this regulation maintained. This regulation also protects the confidentiality of personally identifiable information in student records. Except to the extent allowed by applicable law, personally identifiable information contained in a student educational record will not be disclosed. A copy of this regulation is maintained by the University Registrar. All members of the campus community should be thoroughly familiar with this regulation and comply with its provisions.

In summary, East Carolina University employs strict, standard security measures, policies, standards and guidelines in our ongoing effort to protect information resources, including student records.


Documentation

 

Reference Title

Location

Faculty Manual: Part VI. Section IV.IA. Access to Student Educational Records

Faculty Manual part6

Faculty Manual: Part VI. Section IV.IB. Privacy of Student Educational Records

Faculty Manual part6

Family Educational Rights and Privacy Act

FERPA

FERPA Regulation

2012_05_22__FERPA-PRR_2