FERPA was created in order to protect the privacy of student
education records. This federal law provides guidelines as to
who may access educational records and what they may do with
them (students may request amendments to their educational records).
For additional information please see the NDSU FERPA document
at:
http://www.ndsu.edu/general_counsel/Ferpa%20Newsletter.pdf
or visit the Department of Education information sheet at:
http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html
You can also find
additional information at Wikipedia:
http://en.wikipedia.org/wiki/Family_Educational_Rights_and_Privacy_Act
HIPAA is a law enacted in 1996 to standardize the documentation,
handling, and privacy of medical records and related documentation.
The basic idea of this law is similar to how FERPA treats educational
records. HIPAA provides guidance as to who may access records
and what their access may consist of.
Please visit the
US Health & Human Services HIPAA site at:
http://www.cms.hhs.gov/HIPAAGenInfo/02_TheHIPAALawandMore.asp#TopOfPage
or visit HIPAA 101, a comprehensive third-party website at:
http://www.hipaa-101.com/
Enacted in 1999, GLBA was created to protect personal financial
information. While mostly targeted at financial institutions,
any business or organization offering any of a number of financial
activities can be affected by GLBA.
Some of these activities include:
- Providing educational
courses and materials to consumers on individual financial
management
- Providing advisory
and related services for programs designed to promote
community welfare
- Data processing
or data transmission services, facilities, databases,
advice and access to services, facilities, and databases
by technological means
GLBA not only provides for collection and disclosure of personal
financial information, it also provides requirements for institutions
to design, implement, and maintain safeguards to protect that
information.
For information, please visit the Federal Trade Commission GLBA
website at:
http://www.ftc.gov/privacy/privacyinitiatives/glbact.html
ND OPEN RECORDS LAW
According to the state of North Dakota, all public entities
are subject to open record laws. This includes NDSU Agriculture,
Extension, and Research Station. Records include nearly all paper
documentation as well as computer files and E-mail.
There are certain documents that are not open record. The laws
listed above provide some exceptions to the open record laws.
However, when an open record request is denied, the public entity
(the person refusing the request) MUST be able to explain within
reasonable time the legal authority (the law or ruling that prevents
a specific document from being open record) to the person requesting
access. When asked, the public entity must put the denial and
explanation in writing.
Please view an open record fact sheet from the State of North
Dakota at:
http://www.ag.nd.gov/Brochures/FactSheet/OR&MeetingsPublicOfficials.pdf
or visit the State of ND Open Records & Meetings website
at:
http://www.ag.nd.gov/OpenRecords/ORM.htm
For examples of public vs private data, view this NDUS classification
document:
http://www.ndus.nodak.edu/uploads/document-library/834/1901.2-DATA.PDF
Please
note this site and the provided links do not necessarily
reflect the position of NDSU or the State of North Dakota
on
legal
matters
relating to privacy and is listed
solely as a reference. For final determination
of legality for a subject or situation, please contact
your legal counsel.
