HALLAZGOS Y LOGROS
2.4. Recientes investigaciones sobre superdotación en la Universidad de Murcia: nuevas propuestas
Grambling State University protects the security, confidentiality, and integrity of student records and maintains special security measures such as restricted entrance, password protection, and surveillance to protect and back up data. The University adheres to policies and procedures concerning student records that are in compliance with the Family Educational Rights and Privacy Act (FERPA) and the Health Information and Privacy Protection Act (HIPPA). FERPA and HIPPA are published on the University’s website
(http://www.gram.edu/offices/registrar/ferpa/) and, in the GSU General Catalog 2009-11
(Exhibit I-A). Grambling State University and the School of Nursing utilize systematic methods for maintaining student records which include limited access, confidentiality, and locked file cabinets and doors. Permanent academic records are secured under the direction of the Registrar’s Office.
Confidentiality of electronic records is secured by restricting use to only those who have been granted access. Paper copies of students’ permanent records are kept in a secured fire-proof vault in the Registrar’s Office. Only the Registrar’s office staff has access to these records. All academic records are retained permanently as recommended by the American Association of Collegiate Registrars and Admissions Officers (AACRAO).
Annually, all academic records are scanned and imaged to compact disc (CD) by Databank, an imaging and information solutions corporation in Monroe, Louisiana. Databank, located approximately 35 miles from campus, serves as an offsite record storage facility. All staff who have access to the records and electronic data are trained to ensure compliance with the institution’s procedures on confidentiality, security, and integrity of student data. Students who
work in the office are required to complete a Student-Employee Code of Responsibility for Security and Confidentiality of Records and Files Form. These completed statements are
maintained in the Registrar’s Office. Table 3.6, Financial Aid Documents and Location, provides additional information regarding student records. Students in the School of Nursing benefit by the University’s compliance with the financial and educational guidelines and regulations for record keeping.
Table 3.6 Financial Aid Documents and Locations
Documents Location
FERPA Annual Notice http://www.gram.edu/registrar/annual.asp University General Catalog
2009-2011
http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/0911 catalog.pdf
FERPA Brochure for Students and Parents
http://www.gram.edu/registrar/docs/FERPA%20for%20Pare nts.pdf
AACRAO’s Retention of Records Guide for Retention and Disposal of Student Records
Office of Records and Registration Grambling State University
Grambling, LA 71245 Student-Employee Code of
Responsibility for Security and Confidentiality of Records and Files Form
http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/Stud Code of Responsibility.pdf
Grambling State University Information Technology Center Policies
GSU Internet Use Policy Remote Access Policy GSU Password Policy Data Sanitization Policy
http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/GSU Internet Use Policy.pdf
http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/Remote Access Policy22.pdf
http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/Information Technology Center Password.pdf http://www.gram.edu/sacs/ccd/section3/3-9/3-9-2/Data Sanitization Policy.pdf
Louisiana Office of Information Technology Policies
IT-POL-003 Data Sanitization IT-POL-012 Remote Access to Internal Networks
IT-STD-009 Authentication
Data and Software Integrity
The Information Technology Center (ITC) uses the latest technology to protect the integrity of the University’s data by deploying Microsoft updates and anti-virus software on the University’s network. The ITC distributes the Microsoft updates and anti-virus software updates to every computer on the network to ensure that the latest updates and viruses will not infect and ultimately corrupt stored data. The antivirus software allows the ITC to produce reports to illustrate how many viruses were detected and deleted using the anti-virus software. The ITC uses software installed on computers in student computer labs to preserve the original
configuration of the computer by deleting at reboot, any software that was downloaded to the computer during the day, including software that could pose a threat to the College computer network. The School of Nursing faculty maintains compliance through password protection, anti-virus software, recommended and required updates of software, and collaboration with
Information Technology staff.
Backup Procedures
The ITC follows a rigorous procedure to backup student data in the event of hardware, software failure or catastrophic incident. All the ITC servers that store student data are backed up fully once a week and incrementally every weekday. The tapes that store university data are stored off-site, rotated every two weeks and the rotations are stored in a fire proof vault located in the ITC.
Physical security
Access to the physical storage devices in ITC central computer room is restricted to ITC employees who need access to perform their duties. Access to two locked doors is required to enter the central computer room. Any employees other than computer operations personnel, such
as technical staff working on computer or networking systems, or non-employees such as maintenance personnel or members of tour groups, must log their activities or visit on the log sheet. All activity is monitored by the departmental surveillance camera system. The Associate Vice President for Information Technology, Director of Network Services or Director of Administrative computing and the management staff periodically review entries on the log to verify legitimacy.
Passwords and permission
The ITC uses network passwords to authenticate valid users and to protect data across its network. Passwords to the network must be changed every 30 days. Written permission is required to gain access to student data within the student information system. Any changes to access the information must be approved by the person who has primary responsibility for the data. These changes are then performed by the ITC’s Security Administrator, Director of Network Services or System Administrators. The user IDs and passwords of terminated employees are disabled and their accounts quarantined as soon as the employee has completed his or her last day of work.
Data Security and Sanitization
The University ensures that student records are secure from intrusion from unauthorized access. When the institution sends electronic files internally, or to other state and federal
agencies appropriate security and encryption measures are utilized. Firewalls, virtual private networks, intrusion detection appliance, and secure socket layer (SSL) certificates are used to secure data. The procedures of Grambling State University require that sensitive data is removed from equipment prior to disposal or transfer.
Firewalls
The University utilizes firewall and intrusion detection systems to protect the University network from unauthorized access. Firewall rules are developed, tested, documented, and implemented by qualified university staff or service providers. Records of firewall changes are stored for one year. Educational records for School of Nursing BSN students are kept in secure files in the administrative suite. The data stored in official School of Nursing files include academic contracts for each semester, policy forms with the original student signature, and academic/transcript evaluation forms. Other forms found in the official files include application to the professional component, proof of clinical requirements, and clinical evaluations. After graduation, the required program completion forms are included in the student’s academic file.
For students who are dismissed from the program, all forms except graduation forms will be kept in the academic file. Academic records by semester for each class are kept by faculty in their respective courses. Files with a copy of each blank test with a test key and Scantron forms for all students are kept for five years. The students’ test booklets are shredded to provide additional needed space as well as provide test security. At the end of each semester, copies of the grade sheets are provided to the School of Nursing Office. At the end of each semester, students’ grades are submitted to the School of Nursing administrative office; failing grades at mid-term as well as all grades at the end of the semester are entered in the computerized Banner Web system.
Records for all MSN students are securely maintained in the Graduate Admissions’
office. Students’ grades are submitted to the School of Nursing administrative office at the end of the semester and failing grades at mid-term as well as all grades at the end of the semester are entered in the computerized Banner Web system. Records maintained for each MSN student
include application for admission to the professional component of the program, clinical evaluation forms, final transcript showing progression through the program, and graduation forms. For students terminated in the program, the same records are maintained except graduation forms.
Financial records are secured in the Financial Aid department. Students who apply for any type of financial assistance are required to file the Free Application for Federal Student Aid (FAFSA). The FAFSA and the Student Aid Report (SAR) are required to determine eligibility for financial aid. These records are a part of the files kept in the Financial Aid department. Each year the amount and type of financial assistance are recorded by the Financial Aid department.
Only employees in the Financial Aid department have access to the student records secured in that department.
3.4 Compliance with the Higher Education Reauthorization Act Title IV eligibility and