Re: FERPA Notice of Unauthorized Disclosure of Education Record
If you have directly received a notice from Naropa University regarding this data
dissemination, your education record was identified as being directly impacted by
the following event.
- A notation has been placed within the affected students’ education record pursuant
to requirements of the Family Educational Rights and Privacy Act of 1974 (“FERPA”).
- On November 8, 2017, a University employee inadvertently sent information relating
to certain students to the University-issued email accounts of a group of current
- The types of student information that were impacted as a result of the incident include
the following: student name, student ID number, Admit date and year, Admit catalog,
Program code, Academic status code, current Classification, any Major, Minor or Concentration
codes, Advisor name, Registration Session and Year, Session Registration Status, Registered
hours, Cumulative Attempted and Earned hours, Cumulative GPA, Work Course Codes and
Final grades (specifically COR150 and/or COR220), Email address, Phone number, whether
the student is/was classified as a LEAP, first-time/ first-year, or first generation
Please note that the above information is a comprehensive list and for most student
affected, only a limited version of the above was released.
- The University immediately responded by working with its email hosting vendor (Google)
to ensure that the inadvertently transmitted information was permanently removed from
the email accounts of all unintended recipients of the information. The University
also reviewed available evidence and found no indication that any unintended recipient
of the information forwarded the information to another email address within or outside
of the University’s email domain. However, if any student has saved or otherwise still
is in possession of this email message or its contents, you are asked to immediately
delete all copies.
- The majority of this disseminated information is considered to be Directory Information.
This is defined as, information that is considered to not be harmful if released.
This data may be disclosed without prior written consent (unless notified in writing
to the contrary), due to its Directory Information status, but institutionally, Naropa
makes a practice of not releasing Directory information. Naropa University’s Directory
information includes: student name, address, student email, telephone number, photograph,
date and place of birth, major field of study, dates of attendance, degrees and awards
received, and most recent previous school attended.
- Naropa University takes the privacy and security of student information within its
care very seriously. Should you have any questions or concerns, or information to
provide the University regarding this incident, please contact us at StudentData@naropa.edu.