Students may see any materials related to themselves, including e-mails. However, chairs and faculty should be careful not to include information on another student in any e-mail or other documents provided to the student requesting the information.
All University faculty are considered school officials and are required by law to maintain the confidentiality of student records.
Any school official who maintains specific records is considered a record custodian. At UF, the Office of the University Registrar (OUR) is the official custodian for academic records.
The release of any non-directory information about a student to any person - including the student’s family members - outside the university community or to any university personnel without a legitimate educational interest violates federal and state law, as well as university regulations.
FERPA and student records privacy and specific issues for faculty are outlined on the Registrar’s Office website: http://www.registrar.ufl.edu/staff/ferpafaculty.html and training for FERPA is available through the Privacy Office: http://privacy.ufl.edu/
Directory information is the information available about a student that is not considered harmful or an invasion of privacy if disclosed. While FERPA and state law protect the privacy of educational records, directory information is not treated as confidential and may be disclosed by the University without student consent unless the student requests a privacy hold. At UF, the following has been designated as directory information: Student name, local/permanent addresses and email address, telephone number(s), class and college, major, enrollment status (e.g., undergraduate or graduate level; full time or part time), dates of attendance at UF, degrees and awards received at UF, most recent previous educational institution attended, weight and height of university athletes, publication titles (dissertations), nature and place of employment at UF.
Nondirectory information refers to information that generally cannot be released without the student's consent. This includes: birth date, religion, citizenship, disciplinary status, ethnicity, gender, grade point average, marital status, UFID or social security number, grades/exam scores, standardized test scores, and actual number of hours enrolled.
Note: Nondirectory information may not appear in letters of recommendation provided for students, unless the student provides permission in writing for the information to be used. References to specific grades or GPA, for example, would be inappropriate without written permission.
Yes, but only under some circumstances. Under a very specific set of IRS regulations, there may be times when some academic information can be shared with parents or legal guardians. It is best to check with the Office of University Registrar and/or the UF Privacy Office BEFORE releasing any such information.
The more common options that may allow access are:
Privacy information regarding the rights of parents of students may be found on the Registrar’s Office website: http://www.registrar.ufl.edu/parents/ferpaparents.html
No. If a faculty member posts grades, a unique and confidential identifier (e.g., 4-digit number) should be used.
This unique identifier cannot be part of the student's name, UFID, or social security number. The grade lists must be arranged in random, not alphabetical, order.
The chair should be familiar with UF policies on information technology and data security. The UF Office of Information Security and Compliance (UF IT Security) issues guidelines and maintains policies related to email, virus protection for computers, copyright standards, laptop security, acceptable use of IT, and other areas of security vulnerability: http://it.ufl.edu/policies . UF IT Security provides a variety of informational resources that summarize best practices and expectations in this area: https://security.ufl.edu/faculty-staff/restricted-data/. Chairs and directors should immediately notify UF IT Security at firstname.lastname@example.org or email@example.com if you believe IT security has been breached. If you believe faculty, staff, student, or research data has been compromised, you should contact the UF Privacy Office at firstname.lastname@example.org.