Innovative tools built to align with your unique campus environment

Campus Labs offers a hosted platform that ensures security, confidentiality, and compliance.

dataOwnershipIcon

Data Ownership

Your privacy and data ownership are guaranteed.

During and after the Campus Labs license period, all campus-specific data remains the exclusive property of the college or university. In the event that a college or university opts to participate in a benchmarking project with other campuses, data ownership will be governed by the policy of that particular project. Institutional and student privacy issues are of the highest importance to Campus Labs. Student e-mail addresses and/or identification numbers are never shared, sold, or disseminated to any third-party.

securityIcon

Security

We protect your data 24/7.

Campus Labs has implemented various security measures at the application, network, and physical level to ensure that data will not be compromised. At the application level, several security measures and coding standards are in place, such as code to guard against common hacking techniques, rules related to strength of passwords, and staying up-to-date on all security and release updates. Protection at the network level includes features such as dual firewalls, SSL encryption, and 24/7 monitoring. Campus Labs servers are housed within a Class A Data Center, compliant with TIA standards. The servers are always staffed, have three-tiered access points, and 24/7 camera surveillance.

ferpaIcon

FERPA Statement

Family Educational Rights and Privacy Act

The Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

The U.S. Department of Education released changes to the Family Educational Rights and Privacy Act (FERPA) on and effective December 9, 2008, to provide a more detailed map as educators and administrators navigate through emergency decisions and day-to-day management. The following summary of changes reflects the revisions, which will in some way affect the proceedings of campuses in contract with Campus Labs.

Third Party Release Data
The Department of Education has ruled that education records and personally identifiable information may be released—without consent—to third-party vendors, volunteers, and non-employees under the following proviso:

Contractors, volunteers, and any non-employees that have access to student records or identifying information must be included in the institution’s Annual Notification of FERPA as “school officials with legitimate educational interests”

Third parties performing institutional services must be under “direct control” of the institution

Implications for Campus Labs users:
The third-party release ruling came as a relief to most campuses, particularly those who have found a need to outsource institutional tasks to third-party vendors. The term “direct control” essentially implies that an institution must have and maintain ownership of all data released. In other words:

An institution may not release data to any organization that intends to release or use that data for reasons outside the needs and requests of the university

Third-party vendors are also held responsible for the data released to them

Universities and colleges should not release data to vendors who have or had policies of releasing confidential data

Campus Labs complies with the FERPA ruling, as a “school official with legitimate educational interests,” and can and ought to be listed as such in an institution’s Annual Notification of FERPA.

Campus Labs remains a responsible advocate for each of its campuses and does not and will not practice the release of data to any extent. Data released to Campus Labs is the property of the institution and under the direct control of that institution.

Directory Information
The Department of Education has ruled that student identification numbers (IDs) can now be included in directory information, given that they are not the sole identifier needed to access student education records. If used in combination with other identifying factors, student IDs can be used to validate the identity of an individual who is requesting personal records. Universities and colleges, however, must honor any student’s request to opt out of releasing directory information.

Implications for Campus Labs users:
In the past, FERPA has ruled that student IDs could not be used as directory information for fear that the ID alone would provide access to confidential student education records. The new ruling clearly overturns this. The FERPA reasoning behind the change is largely in part to increased security measures on most campuses, where more than one identifying item is necessary to gain access to education records. If a student ID is the sole piece of information needed to access these records, student IDs may not be used as directory information, nor released publicly without student consent. However, Campus Labs qualifies as a “school official” under the FERPA terms and as such institutions may release data—both directory and confidential—to Campus Labs without fear of negligent practice.

Personally Identifiable Information
Under the previous policy, personally identifiable information was described as any information that was “easily traceable” to the student’s identity. However, FERPA now provides standards for defining personally identifiable information, such as indirect identifiers like mother’s maiden name, place of birth, date of birth, etc.

Implications for Campus Labs users:
Because Campus Labs complies with the third-party release rules stipulated under FERPA, personally identifiable information may be released to Campus Labs. The items above predominantly affect communications inside a university and the extent to which personally identifiable information can be released publicly. The Department of Education has written a detailed description of their reasoning behind these changes in the FERPA final rule.