What you don’t know about your Student Records System and FERPA…could cost you dearly! (and many others too!)

CREATING MORE LIABILITIES is not exactly a “top priority” for most Administrators and Board members, but creating more liabilities is exactly what their Student Records System and their lack of awareness of FERPA could be doing.

As I speak at K-12 and Higher Education conferences all across the nation, it is shocking how many Administrators, faculty and staff (TATs, BITs, counselors, SROs, nurses, coaches, etc.) are unaware of the section of FERPA that describes “law enforcement unit records and a law enforcement unit”. To understand how this section of FERPA (and multiple other guidelines) can help you eliminate three very real and very costly liabilities, keep reading.

For years and years, Administrators (K-12 and Higher Education), School Boards, Regents and others have been advising their faculty and staff to use their Student Records System to document and record student discipline, student investigations, student referrals, student behaviors, student interventions, student assessments and numerous other student related actions. BUT, lessons learned and an evolving judicial appetite towards student safety, duty of care and reasonably foreseeable are proving “old school” advice is not good advice and could create multiple liabilities and very expensive consequences.

LIABILITIES associated with Student Records Systems can include:

• Authorized Disclosure Liabilities
• Unauthorized Disclosure Liabilities
• Negligence / Inappropriate Response / Reasonably Foreseeable Liabilities

Authorized Disclosure Liabilities – these liabilities can occur if a student or a student’s family decides to bring a lawsuit against your school because they believe school personnel are not or did not take appropriate actions to intervene and prevent recurring incidents (bullying, harassment, abuse, sexual assault, violence, etc.) or did not take appropriate actions to prevent a tragedy. Attorneys understand that under FERPA, the student (their client) has Authorized Disclosure rights and therefore the student or family can request all student related records (notes and documentation relating to discipline, investigations, referrals, behaviors, interventions, assessments, etc.) in the Student Records System and the institution must release those records to the student. Because situational awareness, behaviors and interpretations can change during an ongoing investigation, the comments, actions taken and other documentation placed in the “student records system” could create confusion and even create liabilities due to what was documented or was not documented at that time.

Unauthorized Disclosure Liabilities – these liabilities can and do occur because of the way Student Records Systems are designed. By design Student Records Systems allow multiple individuals (Administrators, faculty, staff, etc.) to access multiple/if not all students’ records. Because multiple individuals (Administrators, faculty, staff, etc.) have access to most (if not all) students’ records, this can lead to unauthorized access and unauthorized disclosures of potentially sensitive information about a student that has been documented and recorded in the Student Records System relating to incidents, referrals, suspicious activities, investigations, interventions, assessments, discipline, etc.

Negligence / Inappropriate Response / Reasonably Foreseeable Liabilities – these liabilities can and will continue to occur because individuals are aware of sensitive information, concerning behaviors, suspicious activities and inappropriate/criminal actions related to a student but they do not document this information in the Student Records System fearing unauthorized access/unauthorized disclosure liabilities or because the key individuals involved (Administrators, TATs, BITs, counselors, SROs, etc.) do not want the information to be part of the student’s record. However, when sensitive information, concerning behaviors, suspicious activities and inappropriate/criminal records are known and not shared with other key individuals (safety team, threat assessment team, prevention team, etc.) then institutions are opening themselves up to “negligent, inappropriate and reasonably foreseeable” liabilities that can lead to even more costly liabilities (and prevention failures). And the consequences can be even more costly because new state laws are eliminating “government immunity” if/when students are injured or killed, making it even more critical for School Administrators, Board members and other Officials to be equipped with the right tools to securely share sensitive information and related information with only the right people in the right places at the right time so they can do the right things…right away.

How does FERPA help you and your institution eliminate these three dangerous and potentially costly groups of liabilities?

FERPA 34 CFR 99.8 – What provisions apply to records of a law enforcement unit?

(a) (1) “Law Enforcement Unit” is defined as any individual, office, department, division, or other component of an education agency or institution, such as a unit of commissioned police officers or non-commissioned security guards, that is officially authorized or designated by that agency or institution to:
(i) Enforce any Local, State or Federal law, or refer to appropriate authorities a matter for enforcement of any Local, State or Federal law against any individual or organization other than the agency or institution itself; or
(ii) Maintain the physical security and safety of the agency or institution

(2) A component of an educational agency or institution does not lose its status as a “law enforcement unit” if it also performs other non-law enforcement functions for the agency or institution, including investigation of incidents or conduct that constitutes or leads to disciplinary action or proceedings against the student

(b) (1) Records of law enforcement unit means those records, files, documents, and other materials that are:
(i) Created by a law enforcement unit
(ii) Created for a law enforcement unit purpose and
(iii) Maintained by the law enforcement unit

(2) Records of law enforcement unit does not mean:
(i) Records created by a law enforcement unit for a law enforcement purpose that are maintained by a component of the educational agency or institution other than the law enforcement unit; or
(ii) Records created and maintained by a law enforcement unit exclusively for a non-law enforcement purpose, such as a disciplinary action or proceeding conducted by the educational agency or institution

While eliminating and preventing liabilities is obviously a “top priority” for Administrators, Board members and others…it is surprising and shocking most are UNAWARE that FERPA (and other related guidelines) provide them with guidelines to help ELIMINATE MULTIPLE LIABILITIES.

One of the most important components to maintaining law enforcement unit records AND eliminating liabilities is to provide the law enforcement unit with appropriate training and the right tools to create and maintain law enforcement unit records, separate from “education records” that are maintained in Student Records System.

Because of mounting incidents, headlines, tragedies, liabilities and lawsuits, Awareity created a proven and award-winning central secure records management solution that also includes a comprehensive suite of evidence-based and research-based tools that equip your “Law Enforcement Unit” to not only eliminate these three liabilities, but the right tools to “collect the dots, assess the dots, connect the dots” and share the right information with the right people in the right place at the right time to proactively prevent incidents, lawsuits and tragedies.

Awareity’s central secure records management and prevention platform also equips your agency or institution to meet national standards such as the ANSI Workplace Violence Prevention & Intervention standard (ANSI WVPI), which like FERPA also recommends threat assessment and investigation records be maintained separate from Student Records Systems and Employee/HR Records Systems. And a Virginia State Guideline on threat assessment recommends all threat assessment files / records should be maintained in the law enforcement security records of the institution rather than the subject’s education records or employment records.

Clearly educational agency and institution Administrators, Board members and other Officials should be taking immediate actions to ensure their “law enforcement unit / prevention team” is aware and equipped to follow Federal and State guidelines and national standards because explaining why you failed to do so in a court room will be very difficult.

And taking immediate action is easy because no one from your agency or institution is going to recommend not taking action, not following Federal and State guidelines and not following national standards.

With over 500 schools and colleges leading the way and utilizing Awareity’s proven prevention solutions, why would your agency or institution choose “old school” processes that can lead to more prevention failures, more liabilities and more costly consequences?