SACS Reaffirmation of Accreditation Site
Overview Compliance Certification Quality Enhancement Plan Resources SACS Evaluators Hillsbrough Community College
3.9.2 Security of Student Affairs Records
The institution protects the security, confidentiality, and integrity of its student records.
Judgment of Compliance
Narrative/Justification for Judgment of Compliance

Hillsborough Community College protects the security, confidentiality, and integrity of our student records.  HCC complies fully with the Federal Family Educational Rights and Privacy Act (FERPA), which governs the confidentiality of student records. Records are defined as all records, files, and data directly related to students that are created, maintained, and used by HCC (HCC Catalog, p. 81) The College has adopted two administrative rules on student records and confidentiality of personal information, 6HX-10-5.26 Safeguarding Student Personal Confidential Information; and 6HX-10-5.15 Student Records.  All HCC administrative rules are available to College staff via HCC's intranet.  The procedure for implementation of these policies is published in HCC's online Operations Manual, also available via the intranet.  At least annually, in-service workshops are held to assist HCC staff in understanding policies pertaining to student records.

Hillsborough Community College students are apprised of the records policies in numerous ways.  Information about the policies is published in the HCC Catalog (p. 81), the Student Handbook & Academic Planner, and is discussed during New Student Orientation. HCC’s records policies afford students the right to:

  • Inspect and review their educational reports and records;
  • Have privacy of their educational reports and records maintained;
  • Require the College to obtain their written consent prior to disclosing personally identifiable information, except in those instances specifically noted in statute; and
  • Challenge and request hearings on requiring the College to amend any portions of the students' records that are inaccurate, misleading, or otherwise in violation of the students' privacy.

The Offices of Admissions, Registration, and Records Offices (ARR) on all campuses are responsible for processing student records and maintaining the integrity of the electronic student data base, as well as paper documents relevant to all students.  Students' written records stored in the ARR Offices are access-restricted and locked for security.  ARR personnel are charged with educating other members of the HCC community about FERPA and their roles in keeping student information secure.  All faculty members and Student Services personnel are required to sign a FERPA Confidentiality Statement which is placed in their personnel file, confirming their understanding of HCC’s records policies. 

Hillsborough Community College's ARR Officer (or Student Systems Agent) and supervisors in the campus ARR Offices participate in state and national conferences and subscribe to pertinent journals and newsletters that provide information on best practices in student records management and federal regulations.  As needed, changes to HCC's records policies are made and shared with the College community.

Hillsborough Community College's Office of Information Technology (OIT) is responsible for the security of the student data base, which is stored electronically in the administrative online computer system.  Employee access to the administrative online system is granted through an approval process which involves the employee’s supervisor and the ARR Officer. The OIT keeps virus protection updated and maintains server security.  HCC's administrative computer system servers are secured in locked, restricted-access areas within OIT.  For a more detailed discussion of electronic records security, please refer to Comprehensive Standard 3.4.11.

Hillsborough Community College disposes of student records in accord with the State of Florida General Records Schedule GS5 for Universities and Community Colleges. Bulk records disposal is handled by a contracted shredding company.  Each ARR Office has small shredding machines for daily disposal of unneeded documents that contain students' personally identifiable information .

Supporting Documentation

Comprehensive Standards

3.1.1 Institutional Mission
3.2.1 Selection of CEO
3.2.2 Legal Authority & Operating Control
3.2.3 Gov. Board: Conflict of Interest
3.2.4 Gov. Board: Undue Influence
3.2.5 Gov. Board: Dimissal
3.2.6 Gov. Board: Distinction of Duties
3.2.7 Organizational Structure
3.2.8 Qualified Administration
3.2.9 Appointment & Employment
3.2.10 Evaluation of Administrators
3.2.11 CEO: Intercollegiate Athletics
3.2.12 CEO: Fund Raising
3.2.13 Foundation
3.2.14 Ownership of Materials
3.3.1 Institutional Effectiveness
3.4.1 Program Approval & Lrng. Outcomes
3.4.2 Continuing Education Programs
3.4.3 Admissions Policies
3.4.4 Policies for Academic Credit
3.4.5 Dissemination of Academic Policies
3.4.6 Practices for Awarding Acad. Credit
3.4.7 Consortial & Contractual Programs
3.4.8 Acad. Credit for Non-Credit Work
3.4.9 Support Services
3.4.10 Definition/ Gen. Ed. Requirements
3.4.11 Security of Student Acad. Records
3.4.12 Faculty Responsibility/ Curriculum
3.4.13 Program Coordination
3.4.14 Use of Academic Technology
3.5.1 Attainment / Gen. Ed. Competencies
3.5.2 Credit Earned at Institution
3.6.1 Advanced Academic Contents
3.6.2 Independent Learning
3.6.3 Credit Earned at Institution
3.7.1 Faculty: Qualifications
3.7.2 Faculty: Evaluation
3.7.3 Faculty: Professional Development
3.7.4 Faculty: Academic Freedom
3.7.5 Faculty: Policies on Responsibility
3.8.1 Library: Facilities and Services
3.8.2 Library: Access
3.8.3 Library: Staff
3.9.1 Student Rights & Responsibilities
3.9.2 Security of Student Affairs Records
3.9.3 Qualified Student Affairs Personnel
3.10.1 Financial Stability
3.10.2 Financial Statements
3.10.3 Financial Aid Audits
3.10.4 Control of Financial Resources
3.10.5 Control of Sponsored Research
3.10.6 Healthy, Safe, Secure Environment
3.10.7 Physical Facilities