Security of Student Records Held in Offices

Download Policy (PDF)

Effective Date: February 24, 2014
Issuing Authority: Provost
Policy Contact: Vice Provost, provost@mercer.edu, 478-301-2110

Purpose

This policy outlines the expectations for maintaining security, confidentiality, and integrity of student records.

Scope

This policy applies to all Mercer University employees, including student workers, temporary workers, and permanent staff.

Exclusions

None

Policy Statement

Confidential student records may include official academic records, advising records, teaching records, financial records, financial aid records, judicial records, health records, disability records, student activity records, and personally identifiable information, such as social security numbers.

 

All confidential data (electronic and hard copy) are to be maintained in such a manner that only

authorized personnel have access. Paper copies containing confidential information are locked in files and/or closets. Offices are locked after hours or when staff is not present. Keys to confidential files and offices are kept only by appropriate staff and use of confidential files is supervised by full time staff. Any electronic records maintained in separate databases from the University student information system are also password protected. All employees, including student workers, temporary, and permanent staff, sign a confidentiality statement when hired, regardless of the types of records to which they may have access.

Old files are destroyed after industry standard recommended times and all old electronic media are cleared of data. Individual employee computers are password protected and locked when staff members are away from the computer. Individual usernames and passwords must not be written down, posted, or shared with others. All Authorized Users are responsible for any use of their assigned individual account(s).

Each office maintains and makes available to employees a guide of policies and procedures for the security of records that contains any specific instructions appropriate to that office.

Additional Resources

For related policies on student record security, see:

<ADD LINKS>

Data Security Policy

IT Access and Use Policy

Email Access and Use Policy

Family Educational Rights and Privacy Act (FERPA)