The Family Educational Rights and Privacy Act of 1974 (FERPA), as amended, requires institutions to notify students currently in attendance of their legal rights under FERPA with respect to their education records. At APUS, a student has rights under FERPA upon completion of orientation.
At APUS, Student Rights under FERPA Include:
- The right to inspect and review his/her own education records within 45 days of the day the University receives an access request. A student should submit a written request to the registrar identifying the education record the student wishes to inspect. The Registrar will arrange for access and notify the student of the time, format, and place where the records may be inspected. For more information on reviewing records, go to Review of Records.
- The right to request an amendment to an education record that the student believes is inaccurate, misleading, or otherwise in violation of the student’s privacy rights under FERPA. A student who wishes to ask the University to amend a record should submit a written request to the Registrar clearly identifying the part of the record the student wants amended, and specifying the reason for the request. If the University decides not to amend the record as requested, the University will notify the student in writing of the decision and the student's right to a hearing regarding the request for amendment. Additional information regarding the hearing procedures will be provided to the student when notified of the right to a hearing. The final decision to amend the record resides with the University.
- The right to require written consent before the University discloses personally identifiable information (“PII”) from the student's education records, except to the extent that FERPA authorizes disclosure without consent (you may review FERPA Exceptions for Disclosure below). A student who wishes to grant access to a third party may complete a FERPA Release Authorization Form. Please email FERPA@apus.edu to request the form. The form will only be released to the student not the third party.
- The right to file a complaint with the U.S. Department of Education concerning alleged failures by the University to
comply with the requirements of FERPA. The name and address of the office that administers FERPA is:
Family Policy Compliance Office
U.S. Department of Education
400 Maryland Avenue, SW
Washington, DC 20202-5901
FERPA Exceptions for Disclosure Without Consent
The University discloses PII from education records without a student’s prior written consent under the FERPA exception for disclosure to school officials with legitimate educational interests. A school official has a legitimate educational interest if the official needs to review an education record to fulfill his or her professional responsibilities for the University.
APUS defines the following as school officials:
- Personnel within APUS;
- A volunteer or contractor outside of APUS who performs an institutional service or function for which APUS would otherwise use its own employees and who is under the direct control of APUS with respect to the use and maintenance of PII from education records (for example and without limitation, legal counsel, auditors, third-party contractors or collection agents); and
- A person serving on the Board of Trustees.
FERPA also permits the disclosure of PII from education records, without consent of the student, if the disclosure meets certain conditions found in 34 C.F.R. § 99.31. Except for disclosures to school officials, disclosures related to some judicial orders or lawfully issued subpoenas, disclosures of directory information, and disclosures to the student, APUS is required to record the disclosure. Here is a summary of some of the circumstances in which APUS may disclose PII from education records without obtaining prior written consent of the student:
- In connection with financial aid for which the student has applied or which the student has received, if the information is necessary to determine eligibility for the aid, determine the amount of the aid, determine the conditions of the aid, or enforce the terms and conditions of the aid;
- To accrediting agencies carrying out their accreditation function;
- To persons in compliance with a judicial order or lawfully issued subpoena;
- To appropriate officials in connection with a health and safety emergencies;
- Information APUS has designated as “directory information” (see below);
- To parents of dependent children as defined for IRS tax purposes (Documentation will be required as proof. Email FERPA@apus.edu for more information.);
- To authorized representatives of the U. S. Comptroller General, the U.S. Attorney General, the U.S. Secretary of Education, or State and local educational authorities, such as a State postsecondary authority that is responsible for supervising the university’s State-supported education programs. Disclosures under this provision may be made, subject to the requirements of §99.35, in connection with an audit or evaluation of Federal- or State-supported education programs, or for the enforcement of or compliance with Federal legal requirements that relate to those programs. These entities may make further disclosures of PII to outside entities that are designated by them as their authorized representatives to conduct any audit, evaluation, or enforcement or compliance activity on their behalf;
- To officials from:
- other institutions to which the student seeks to or intends to enroll or is already enrolled if the disclosure is for purposes related to the student’s enrollment or transfer (subject to certain preconditions);
- organizations conducting studies for or on behalf of APUS in order to (a) develop, validate, or administer predictive tests; (b) administer student aid programs; or (c) improve instruction; and
- To persons or organizations for any purpose, so long as the only information disclosed is “directory information” and the student has not opted out (see below).
FERPA Federal and State Data Collection and Use
As of January 3, 2012, the U.S. Department of Education's FERPA regulations expand the circumstances under which the education records and PII contained in such records — including Social Security Number, grades, or other private information — may be accessed without student consent. First, the U.S. Comptroller General, the U.S. Attorney General, the U.S. Secretary of Education, or state and local education authorities ("Federal and State Authorities") may allow access to the records and PII without student consent to any third party designated by a Federal or State Authority to evaluate a federal- or state-supported education program. The evaluation may relate to any program that is "principally engaged in the provision of education," such as early childhood education and job training, as well as any program that is administered by an education agency or institution. Second, Federal and State Authorities may allow access to the education records and PII without student consent to researchers performing certain types of studies, in certain cases even when we object to or do not request such research. Federal and State Authorities must obtain certain use-restriction and data security promises from the entities that they authorize to receive student PII, but the Authorities need not maintain direct control over such entities. In addition, in connection with Statewide Longitudinal Data Systems, State Authorities may collect, compile, permanently retain, and share without student consent PII from the education records, and they may track student participation in education and other programs by linking such PII to other personal information about the student that they obtain from other Federal or State data sources, including workforce development, unemployment insurance, child welfare, juvenile justice, military service, and migrant student records systems.
Better Business Bureau (BBB) Inquiries
Information requested from the Better Business Bureau (BBB) will only be released to the BBB if the student has completed a FERPA Release Form. If a FERPA Release Form has not been completed, the University will respond to the BBB with a letter explaining that the student has not authorized release of information and that a letter will be sent directly to the student with detailed information addressing the issue. The student may then choose to forward a copy of the University's direct response to the BBB.
Information that is not considered under FERPA to be harmful or an invasion of privacy if disclosed is referred to as directory information. FERPA allows each institution to decide what it deems to be directory information. As indicated above, APUS discloses “directory information” without a student’s consent, unless the student has requested that his or her “directory information” not be shared. For more information on APUS Directory Information, including the right to block APUS from sharing such information.
With certain exceptions, the Family Educational Rights and Privacy Act (“FERPA”) requires APUS to receive your written consent prior to disclosing personally identifiable information from your education records. You can read APUS’s FERPA policy here. However, APUS may disclose “directory information” (as defined below) without your prior written consent unless you opt-out (as described below). “Directory information” is information that under FERPA is not considered harmful or an invasion of privacy if disclosed.
What categories of information does APUS designate as “directory information”?
APUS designates the following categories of information as “directory information”:
- Student identification (ID) number;
- Major field of study;
- Dates of attendance;
- Level (undergraduate or graduate);
- Class standing/Classification (Freshman, Sophomore, Junior, or Senior);
- Registration Status (Full-time, Part-time, or Not Currently Enrolled);
- Participation in officially recognized activities;
- Degrees, honors (including Dean's and President's Lists), and awards received;
- Electronic-mail address;
- City/State/Country of residence;
- Most recent educational agency or institution attended;
- Photographic or videotaped image; and/or
- Projected Conferral Date (if available).
How can I stop APUS from disclosing directory information about me? (Directory Information Block (DIB))
If you do not want APUS to disclose directory information about you without your prior written consent, you must request a DIB as described below. You may request or rescind a DIB at any time.
When a DIB prohibits sharing of all categories of directory information:
- APUS will be unable to list the student as having attending APUS and from acknowledging that the student is currently enrolled (except with the student’s prior written consent or under another FERPA exception).
- APUS will be unable to list the student in University publications, including the Commencement Book.
- APUS will be unable to list the student as an alumnus/a.
Will a Directory Information Block prohibit APUS from disclosing directory information in every case?
No. Even if a student executes a DIB, APUS may disclose directory information without consent consistent with its FERPA Policy, which you can access here. For example, a DIB will not restrict access by an APUS school official with a legitimate educational interest in the information. As a further example, a DIB will not keep advisors from seeing your information or prevent your name and other personal information from appearing in online class tools (as long as use of such tools is restricted to members of the class).
How do I request a Directory Information Block?
If you wish to request a DIB, you should e-mail the request to FERPA@apus.edu. Your e-mail should specify which category or categories of directory information you wish to prevent APUS from disclosing. Once processed, a DIB will be placed in your account. Once set, it will remain in place until you authorize its removal. The e-mail requesting to rescind the DIB must be received by the Office of Student Records at FERPA@apus.edu.
How long will a DIB remain in place? What if I have a DIB in place but I want APUS to disclose my directory information to a particular party?
Unless revoked, a DIB remains in effect throughout your enrollment at APUS and following graduation or withdrawal. If you have a DIB in place but you want directory information disclosed to a particular party, you are solely responsible at all times for completing the necessary APUS consent form and requesting APUS to disclose directory information to the third party
With whom will APUS share “directory information” and for what purposes?
APUS reserves the right to share directory information with any individual or entity and for any purpose.
What are my responsibilities as a student with respect to my records?
You are responsible for keeping your student account updated with your current contact information such as e-mail address(es) and phone number(s). APUS uses that information as the primary means of identification for communication purposes.
You are responsible for safeguarding email account login information and your password. APUS shall not be responsible for the misuse of passwords by any person.