Educause Security Discussion mailing list archives
Implications of Student Unit Record Data Collection
From: Rodney Petersen <rpetersen () EDUCAUSE EDU>
Date: Thu, 9 Dec 2004 12:47:32 -0700
(Please excuse the cross-post for anyone on the ICPL list where this topic surfaced a few days ago, but the considerations for data security and privacy are relevant to the security community so I wanted to make sure everyone was aware of a proposal under consideration.) The National Center for Education Statistics (NCES) at the U.S. Department of Education is exploring a move to student unit record data collection for the Integrated Postsecondary Education System (IPEDS). Since the Higher Education Act is up for reauthorization, this is a timely proposal. Congressional members and others are concerned about accountability as it relates to enrollments, graduation rates, net prices, and financial aid among other higher education issues. Many believe that the current data collection system may not be very useful in addressing these issues. Collecting and reporting more data can better define the problem and create better solutions according to some. Others have voiced concern about the proposal's privacy and security implications. As of 2003, thirty-nine states have implemented a student unit record collection reporting requirement so many institutions may already be collecting and reporting at the state level. In the spirit of informing the EDUCAUSE membership and generating more awareness, we suggest that you consult with relevant campus personnel (including CIO, security officers, IT policy administrators, registrar, institutional research staff, and datawarehouse managers) to explore the implications of the student unit record data collection proposal on technology systems, information security, and data privacy at your institution. Below you will find a few questions that may serve as a starting point in campus discussions with various stakeholders. 1) What are the benefits to be gained from participation in the new student unit record collection system? 2) What impact, if any, will the proposal have for the security and privacy of student data? 3) Does the proposal introduce any new risks to data security and privacy? 4) What are the practical changes that will be required of processes, information systems, policies, and training or awareness in order to comply with any new requirements? We are interested in learning about your discussions and experiences, so please drop us a reply with your views. Your input informs our internal discussions as well as information sharing with other policy organizations. Although we are initially considering comments due to the NCES contractor by December 15th for a report to Congress, we welcome your feedback at any time. For more information, see: EDUCAUSE Blog on "New Proposal for the Collection of Student Data" http://www.educause.edu/Blog/1511&blog_id=287&select_case=permalink IPEDS Student Unit Record Feasibility Study Documentation http://www.highered.org/ipeds/ November 2004 Alert from the Association for Institutional Research http://www.airweb.org/page.asp?page=711 National Association of Independent Colleges and Universities Issue Summary and Background Material http://www.naicu.edu/HEA/UnitRecord.shtml Article in Council on Law in Higher Education Privacy Newsletter http://www.clhe.org/campusprivacy/cplv1n1.pdf Sincerely, -Rodney -------------------------------------------------- Rodney J. Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE 1150 18th Street, N.W., Suite 1010 Washington, D.C. 20036 (202) 331-5368 / (202) 872-4200 (202) 872-4318 (FAX) EDUCAUSE/Internet2 Security Task Force www.educause.edu/security ------------------------------------------------ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Implications of Student Unit Record Data Collection Rodney Petersen (Dec 09)