In the process of normal day-to-day university activities, Augusta University collects large amounts of personal data on its students, faculty, and staff.
Much of this data is not sensitive, and is in fact publicly available. However, some of it is sensitive, including personal, financial, and legal information. Sensitive data include information protected by Georgia or federal law as well as that protected by university policy.
It depends on what kind of data you are referring to. Augusta University Web Services reserves the right to deny requests to assist departments with certain online data collection, such as the creation and/or distribution of third-party survey forms (i.e. Wufoo). While some data is perfectly fine to collect using such forms, other data should not be collected and stored in this way.
Most data collection methods (email, Wufoo, etc.) are not secure and connot be used to collect information that should remain secure. If collecting data through Wufoo is deemed appropriate, Web Services may require a password to view survey data.
The following are some prominent examples of data protected by state and federal law and university policy. Often, context plays a role in data sensitivity; thus, this list is not exhaustive:
The Family Education Rights and Privacy Act was enacted in 1974. FERPA protects the privacy of student education records. All educational institutions that receive federal funding, including Augusta University, must comply with FERPA.
How does FERPA apply to collecting/storing student data?
Generally, a student's records cannot be shared without specific written consent by the student. These records include grades, class lists, course schedules, disciplinary records, and financial records.
A 2008 update to FERPA clarified that schools use "reasonable methods" to ensure school officials have access to only those records they need.
FERPA does allow "directory information" to be collected and contained because it's not generally considered harmful or an invasion of privacy if disclosed. Examples of directory information include:
Under the Georgia Open Records Act, Augusta University is required to release this type of information as requested.
If you are handling or collecting critical information, such as Social Security numbers, financial information, driver's license numbers, or other sensitive personal data, determine if this information is really necessary.