SIS Security Information

SIS Users Do

  • Familiarize themselves with "FERPA" regulations
  • Familiarize themselves with "Acceptable Use of Computing and Information Technology Resources"
  • Understand "directory information"
  • Ask if you are unclear as to how a situation or request should be handled
  • Refer people to Student Affairs (x2020) if an emergency develops such that you are contacted by a relative or other person who needs to know a student's whereabouts 
  • Lock all rooms, cabinets, and drawers where paper records are stored
  • Use password-activated screen savers
  • Refer calls or other official student information requests to the University Registrar's Office
  • Recognize any fraudulent attempt to obtain student information and report it to either the University Registrar's Office, the Provost's Office or the University Attorney's Office
  • Shred all documents that have student information
  • Have students write protected academic record information, such as a student ID number or any other identifier, on paper rather than stating it "aloud" if others are present and in earshot (give paper back to student when done)
  • Keep voices down when discussing private student issues when others are present
  • Have a confidentiality notice at the bottom of e-mail such as:
    • Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and delete all copies of the original message.
  • Have a notice similar to the above at the bottom of fax cover sheets when faxing to a non-private/unsecured fax machine

SIS Users Don't

  • Share passwords or passphrases
  • Leave machines logged in and unattended
  • Give out student information over the phone
  • Release information to spouses, sisters, brothers, parents, girlfriends/boyfriends or other third parties
  • Post passwords or passphrases near employee's computers

Memorandum from the Office of General Counsel

FERPA

CWRU Information Technology Services Ethics Policy

Student Information System

A Final Word

Any SIS user who releases confidential student information to a third party shall be subject to disciplinary action up to, and including, dismissal.