46 Matching Annotations
  1. Jun 2024
    1. provide a letter of recommendation for a student that includes grades unless you have received written consent from the student to release this information for this explicit purpose.

      Can't put grades in a Letter of Recommendation without written consent

    1. If you teach several sections of the same course but the students do not interact with each other in a physical classroom or online, the courses cannot be merged in Carmen.

      if they are not combined in Colleague - they can't be in Canvas - good to know. It's not just an integration issue - its FERPA

    1. One is that, generally, higher education institutions can choose to release a students’ education records to both parents, provided that at least one parent claims the student as a dependent for tax purposes.

      INteresting - Baylor won't do this.

    2. “It should be clear that [the data] belongs to the school, not to the vendor, and that the vendor’s responsibility is to process it for the benefit of the school and its students, and not for the vendor’s own benefit,” McDonald says.

      FERPA and 3rd party Vendors

    1. “Law enforcement unit records” (i.e., records created by the law enforcement unit, created for a law enforcement purpose, and maintained by the law enforcement unit) are not “education records” subject to the privacy protections of FERPA. As such, the law enforcement unit may refuse to provide a parent or eligible student with an opportunity to inspect and review law enforcement unit records, and it may disclose law enforcement unit records to third parties without the parent or eligible student’s prior written consent

      Law enforcement records is not FERPA protectd

    1. Schools may disclose, without consent, "directory" information such as a student's name, address, telephone number, date and place of birth, honors and awards, and dates of attendance. However, schools must tell parents and eligible students about directory information and allow parents and eligible students a reasonable amount of time to request that the school not disclose directory information about them.

      Definition of Directory Information : name address phone date & place of birth honors and awards dates of attendance.

      Students can "opt out" of directory information.

    2. schools must have written permission from the parent or eligible student in order to release any information from a student's education record. However, FERPA allows schools to disclose those records, without consent, to the following parties or under the following conditions (34 CFR § 99.31): School officials with legitimate educational interest; Other schools to which a student is transferring; Specified officials for audit or evaluation purposes; Appropriate parties in connection with financial aid to a student; Organizations conducting certain studies for or on behalf of the school; Accrediting organizations; To comply with a judicial order or lawfully issued subpoena; Appropriate officials in cases of health and safety emergencies; and State and local authorities, within a juvenile justice system, pursuant to specific State law.

      Who you can release information to without student consent.

    3. The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

      FERPA definitions

  2. May 2024
  3. Feb 2018
  4. Nov 2017
    1. What about FERPA? The student is controlling how much information is out there. Similar to a public blogging platform being run by a university, FERPA only requires that student records (and what constitutes a “record” is debatable) not be public unless a student gives permission. In this case if the student wanted to sign up and lock down their hosting they can certainly do that, no one is requiring them to make their information public. This also comes back to our strict privacy policy (see previous question)

      Interesting approach.

  5. Aug 2017
    1. our current practice and policy was on par with what universities needed. It then became an issue of specifically having a legally binding agreement that protected the universities, professors, and students.

      I really like this. "It's in our TOS but we're happy to sign something more/something legally binding."

  6. Feb 2017
  7. Sep 2016
    1. d  Provider  has  a  limited,  nonexclusive  license  solely  for  the  purpose  of  performing  its  obligations  as  outlined  in  the  Agreeme

      Here we are good and much better than, say, Genius:

      When you post User Content to the Service or otherwise submit it to us, you hereby grant, and you represent and warrant that you have the right to grant, to Genius an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense through multiple tiers) to use, reproduce, publicly perform, publicly display, modify, translate, excerpt (in whole or in part), create derivative works of, distribute and otherwise fully exploit all Intellectual Property Rights in and to such User Content for purposes of providing, operating and promoting the Service or otherwise conducting the business of Genius.

    2. Data  Transfer  or  Destruction

      This is the first line item I don't feel like we have a proper contingency for or understand exactly how we would handle it.

      It seems important to address not just due to FERPA but to contracts/collaborations like that we have with eLife:

      What if eLife decides to drop h. Would we, could we delete all data/content related to their work with h? Even outside of contract termination, would we/could we transfer all their data back to them?

      The problems for our current relationship with schools is that we don't have institutional accounts whereby we might at least technically be able to collect all related data.

      Students could be signing up for h with personal email addresses.

      They could be using their h account outside of school so that their data isn't fully in the purview of the school.

      Question: if AISD starts using h on a big scale, 1) would we delete all AISD related data if they asked--say everything related to a certain email domain? 2) would we share all that data with them if they asked?

    3. rovider  will  not  use  any  Data  to  advertise  or  market  to  students  or  their  parents.  Advertising  or  marketing  may  be  directed  to  the  [School/District]  only  if  student  information  is  properly  de-­‐identified

      This I am happy to say we seem to have covered. I think it should be higher up in the policy statement. See my annotations in the "Hypothes.is Reading" group here.

    1. It is best to assume that the student information you collect in your app is statutorily confidential, unless it is de-identified

      So, does our pseudonym policy help us here? Students needn't use their real names. Are email addresses "de-indentified" information?

  8. Jul 2016
    1. Metadata that have been stripped of all direct and indirect identifiersare notconsidered protected informationunder FERPA because they are not PII.

      But this data is only interesting from a consumer angle if it is linked to individuals.

    2. In order to create studentaccounts, the districtor schoolwill likely need to give the provider the students’ names and contact informationfrom the students’ education records, which areprotected byFERPA

      The basic info that h collects does categorize as PI according to FERPA.

      So creating accounts without email addresses would be a way to circumvent FERPA.

  9. Dec 2015
    1. the hostile environments so many experience when it comes to experimenting locally with ed-tech versus an almost infantile trust in our corporate overlords when it comes to outsourcing.

      How are both these things happening at the same time, though?

    2. little to no impact on the tech giants to which many K-12 schools, colleges, and universities blissfully outsource their innovation.

      There must be some kind of other disconnect here, though. I've always been asked about FERPA--mostly by teachers and professors who have in turn been pressured by administrators. Surely this must enter into conversations with Google Pearson, et al.

    3. What constitutes an education record is a bit blurry, making FERPA the bat it has become internally to shut down most conversations about sharing publicly on the web.

      Yeah, this is the problematic side effect of FERPA: it works against public use of the open web, a skill necessary for our students to practice.