Records (Student Records)

Originally appeared in the CAS Weekly Newsletter.
Written by attorney Thomas B. Mooney.

Dear Legal Mailbag:

I very much enjoy the Legal Mailbag, and I have a simple question for you. I’m wondering what can and cannot be placed in students’ cumulative files. In particular, I’m wondering about DCF 136 Forms, school records of behavioral/academic interventions, etc.

Thank you,
A Fan 
Continue Reading CAS Legal Mailbag Question of the Week – 12/12/2018

On November 29, 2017, the House of Representatives Energy and Commerce subcommittee on Digital Commerce and Consumer Protection held a hearing on the use of computer algorithms and their impact on consumers.[1]

This was the latest in a series of recent efforts by a variety of organizations to explore and understand the ways in which computer algorithms are driving businesses’ and public agencies’ decision-making, and shaping the digital content we see online.[2]

In its simplest form, an algorithm is a mathematical formula, a series of steps for performing mathematical equations. The witness testimony and questions from the members of the Subcommittee highlighted a number of issues that businesses and government regulators are facing.


Continue Reading Is Algorithmic Transparency the Next Regulatory Frontier in Data Privacy?

The requirements of the European Union (“EU”) General Data Protection Regulation (“GDPR”) come into effect on May 25, 2018.   These regulations promise to usher in sweeping changes to the way institutions, companies, and other organizations collect and handle the personal data of EU residents.

The GDPR is a holistic set of data privacy requirements that address the entire life cycle of collection, use, and disclosure of the “personal data” of EU residents. While we anticipate jurisdictional challenges that may someday limit the GDPR’s reach outside of the EU, the law as currently drafted purports to affect institutions of higher education, companies, and other organizations, such as boarding schools, worldwide. This means that the GDPR will affect not only institutions that do business with or operate inside of the EU, but will also affect institutions in the United States that processes the personal data of persons residing in the EU.[1]


Continue Reading Is Your Institution Ready for GDPR?