A course on FERPA would be tremendously helpful, I agree. I too feel that my campus is a little more strict than the actual guidelines which has caused confusion. A common issue we face in Financial Aid is how much information we can release to an admissions representative. If the rep has a student who is not returning calls or the phone numbers have been disconnected, they will call FA dept to see if we have any other numbers. Given that the enrolled student provides us with references and other information, how much of this can be passed on?
Melanie - Institutions do have varying policies on what info should be shared between departments. It sounds like yours has gone beyond the FERPA guidelines to restrict information from the admissions department. I have typically seen other contact numbers shared between departments but, references I have sometimes seen restricted for certain departments/purposes. I will have to review the FERPA guidelines for specifics as I want to ensure what I post is current.
I review every flyer, internet ad, letters for externship sites and placement partnerships before they go out. Each is reviewed for aesthetics, proper use of our corporate templates, and compliance with state, and accrediting standards.
I review them all, kick them back for corrections, and review them again. Our president also has a final approval of them all before they are published.
We typically use an established piece of material or a template when creating new material, which simplifies the process.
I totally agree with Steven. Sending a mystery shopper to our own school has been a very good way to identify where the school needed to focus the training session on and also realize what people can say when they do not know the answer of a question. We pushed our Admission Reps. to be as honest as possible and just request help from another employee if they don’t know an answer.
The information security network is one of the most important business areas in regards to creating a compliant culture. IT has ties to every department and a vast amount of information that is assessable and needs to be secure. The compliant culture begins with the careful selection of IT personnel with the utmost integrity as they will have an influence on the rest of the company. Keeping systems secure is an important task especially with today’s technology, mobility, and socialization. Having a proper compliant culture from information security will prevent the likeliness of information leaks, tampering, and fraud.
With regards to marketing it is important to maintain a high level of compliance to ensure that you do not misrepresent the product (in this case education) or falsely advertise a product you do not truly offer.
Michele - You are correct about the importance of compliant marketing. There has been increased emphasis on misrepresentation evidenced by the focus on this topic during the recent regulatory cycle. It is important for all to review the latest regulations related to this important topic.
It's true. If we fail in this, we can put the school at risk of being penalized. Besides losing the reputation of the school.
Information security is important because it crosses into all departments of a campus. FERPA regulations, for example, affect not just a single department but any school official with access to student records. By ensuring that all staff are properly trained on such regulations and keeping the guidelines handy for reference, a campus can maintain a culture of compliance.
Excellent point, Scott. Recognizing that regulations are not limited to a certain department and providing training on a broader basis fosters the concept of a compliant culture.
In today's regulatory environment, marketing is critical to creating a compliant culture. The new misrepresentation rules are very broad. It's imperative that businesses review marketing materials to make sure the information provided is accurate and that the statements made can be supported. Admissions reps and other employees won't always have the access to information to determine for themselves some of the answers to questions they get (such as placement statistics) and will be looking toward company-provided marketing materials for them. Therefore, marketing compliance will permeate the entire business and the culture of compliance needs to start there.
Great point, Nick. Schools need to ensure that employees know where/how to access the latest information to provide accurate data as requested.
Marketing - It is critical that advertising does not mislead or make promises to its students. It allows schools to compete without falsifying information. In our school, we have a brand guide in place that ensures compliance.
Ashley - it's great to hear that institutions are taking a proactive stance on compliance by establishing a brand guide. Thanks for sharing.
Marketing is an absolutely critical business function in creating a compliant culture in an organization. It is important that everything in a school's advertising material is 100% accurate and compliant so that students are not misled. My institution's Marketing Department holds weekly meetings with the Director of Regulatory Affairs to ensure that all of our marketing/advertising is accurate and compliant.
My biggest area of concern is with information security. With all the different agencies requesting information throughout the year, information security becomes a high priority. Recently, our state had a business luncheon to discuss the differences and additions to one of the reports we file with them on an annual basis. On this year's report, they were requesting the SSN for each of our students. Many in the audience protested and they settled on the last four instead of the full SSN. The state has no means of transmitting information in a secure manner. Very scary stuff which just gets more frightening each year.
As a consumer, I worry about the information that is available on each and every one of us. Last week, our Career Services manager gave me a quick demonstration of "confidential" stuff that can be obtained through a few simple internet searches. Not very encouraging! We all need to be mindful of information security.
In regards to information security, we have locked boxes throughout the building. A companycomes out and disposes of the materials. Be very aware when hiring such an company. You need to know what happens to the materials after they leave the premises.
Duane - I agree with your concerns. We need to be diligent in our respect for our students' security, even when the entity requesting it is a regulatory authority!
Laura -I agree that it is important for the school to validate the processes that occur when companies take documents offsite for destruction. A breach of security of such information would be considered the school's responsibility, even if the outsourced company is technically at fault.
Kristina, we agree with you at our school. We shred everything that has either a signature, credit card info or a social security number. We just find it more respectful of the students data, as well as compliant.