FERPA Information for Faculty
Many of the commonly asked questions concerning FERPA (Family Educational Rights and Privacy Act) are listed below. Visit the FERPA glossary for definition of italicized terms. For additional questions, contact One-Stop Student Services.
Frequently Asked Questions
All University faculty are considered school officials and are required by law to maintain the confidentiality of student records. Any school official who maintains specific records is considered a record custodian. At the University of North Florida, the University Registrar is the official custodian for academic records.
The release of any non-directory information about a student to any person outside the University community or to any University personnel without a legitimate educational interest violates federal and state law, as well as University regulations.
Under federal law, FERPA violations may result in the loss of federal funding for UNF. Under state law, both UNF and you personally may be sued. Any breach of confidentiality could lead to disciplinary action, including the possibility of termination of employment.
All Enrollment Services employees who work with student records must sign the FERPA Agreement. This document explains that academic records may only be disclosed to or discussed with individuals with legitimate educational interest. Other staff and faculty on campus may be asked to complete the FERPA agreement prior to obtaining authorization to access student information. To complete the agreement, log on to myWings and click on Employee Resources box, then Employee Self-Service. Select the Personal Information tab at the top and click on "FERPA Agreement" in the menu. Carefully review the document and acknowledge your agreement at the bottom.
All UNF offices should consider developing a procedure for handling confidential academic records and ensuring that all staff are educated in these procedures. In addition, we strongly encourage you to require staff to acknowledge their understanding of such protocol in writing.
Faculty must have a legitimate educational interest in order to access a student's academic record.
- Please assign or allow students to choose a unique and confidential identifier (e.g., a 4-digit number). This unique identifier cannot be part of the student's name, UNFID or social security number.
- Grade lists must be posted in random, not alphabetical order.
- Web-based course management systems such as Canvas can be used to post grades if the system is secured by username and password. For assistance with Canvas grade posting, please contact CIRT.
- The Registrar's Office does not recommend sending grades by email because there is no guarantee of confidentiality with electronic transmission.
- You can send grades via fax or by telephone only if you are certain that the student is the one receiving the information. To verify the student's identity, you should confirm personally identifiable information with the student.
- You may also mail students their final grades. Have students provide self-addressed, stamped envelopes. You may not send grade notification using a postcard.
All faculty must utilize reasonable measures to preserve the confidentiality, security and integrity of University of North Florida information systems and the information contained therein. All teaching staff should practice appropriate security measures:
- Never disclose, share or loan your username(s) and password(s) to anyone (e.g., another employee, faculty member, supervisor, student assistant, etc.). Department staff or supervising faculty should obtain individual log-on information for graduate/teaching assistants. Security access for the student records system is available from Enrollment Services.
- Never use generic/group IDs when accessing confidential academic record information
In addition, faculty should take reasonable measures to restrict unauthorized persons from viewing confidential academic record information. For example, you should:
- Never leave your computer workstation unattended while signed on without appropriate screen locking (e.g., a password-protected screen saver)
- Never leave personal logon information (e.g., username, password, network mapping, etc.) in view of unauthorized persons
- Never program (or ‘hot-key’) automatic access to confidential academic record systems
You may share graded papers and exams only with the student, with others upon receiving the student's consent or with University officials in performance of official duties. Student papers or exams should not be left outside an office door where students must look through all the papers to find their own; students should not have access to other students' grades. While you may return papers and/or examinations by mail, the safest practice is to return papers personally to the student.
You can circulate an attendance roster, but it should not contain confidential information such as social security number, UNF ID number, and/or grades.
Faculty should discuss a student’s academic record only with that student or with University employees in the performance of official duties.
Faculty who utilize electronic teaching tools such as Canvas may wish to share students' email addresses or other personally identifiable information with others in the same class. This is permissible as long as students have an opportunity to decline. No information should be posted or disclosed for students with non-disclosure.
It depends. In general, a written release is recommended, not required, for letters sent to other educational institutions to which the student is applying and to professional school admission services. The release is required, however, when the recommendation is sent to an employer or to an individual for another purpose. (A release form is provided for your use; refer to the PDF at top of this page.)
Faculty may include information from personal observation or knowledge without the student's consent, but it is not acceptable for faculty to access a student's record to view grades/information from other classes and terms. If the recommendation will include non-directory/personally identifiable information (grades, GPA, class rank, etc.) obtained from the student’s academic record, you should obtain a signed release from the student. Releases should specify the information that may be disclosed, the identity of the party(ies) to whom the disclosure can be made, the student's signature and the date.
Documents containing non-directory information should be returned to the office as soon as possible for proper storage or destruction. Electronic files containing non-directory information stored on a flash drive should be password-protected, in case the drive is lost or stolen.
Instructor comments stored on Canvas are considered sole possession records. However, if a teaching assistant is assigned to the course and is able to view the comments, they become education records and are protected under FERPA.
It is recommended for faculty and staff to add this confidentiality statement to their email signature:
CONFIDENTIALITY NOTICE: This electronic mail transmission and any documents accompanying it may contain confidential information, protected by the Family Educational Rights and Privacy Act. Please protect the privacy of this information and do not forward this email. If you have received this transmission in error, please immediately notify the sender to arrange for the return of the message and any attached documents.
Communicating with faculty, staff, and students via personal email addresses is discouraged although not prohibited. For security and accountability purposes, it is recommended that someone communicate via email with others using UNF email addresses only.
Understanding FERPA: Practical Examples