When collecting and managing web-based data, be aware of all legal concerns including the Family Educational Rights and Privacy Act (FERPA). Depending on your department, there may be additional considerations.

As a division, we are moving towards having all data centralized on campus or through approved third party systems. If you are using products such as Drop Box, Box, Evernote, JotForm or Google Products, we need to start the process of migrating to UA Box.

Sensitive Data

Anything that contains data covered by FERPA or other departmental regulations requires more security. The following are examples of approved systems that provide the required security:

  • Application systems built by the Student Life web team
  • Application systems built by the Office of Information Technology
  • Approved 3rd party systems such as
    • Qualtrics
    • UA Box
    • Blackboard
    • OnBase
    • Handshake (CrimsonCareers)

Non-Sensitive Data

Any information that can be found within a public directory is non-sensitive data. Departments must verify that everything collected is not covered by FERPA or other departmental regulations. This type of data has fewer restrictions in how it is collected and managed. The following are approved methods for collection and management:

  • Email
  • WordPress Forms
  • Any method listed under sensitive data

Other methods must be approved before use.