Dive Brief:
- U.S. Department of Education Chief Privacy Officer Kathleen Styles responded to a March letter from two Oregon elected officials questioning the presence of loopholes in student privacy law.
- The Oregonian reports that Styles expressed concern over University of Oregon administrators’ ability to gain access to a student’s health records after she accused the university of improperly handling her rape allegations.
- Styles’ letter explained that education privacy law FERPA does seem to provide fewer protections than health privacy law HIPAA, indicating the department plans to continue its review of student privacy concerns to determine whether it should issue guidance to universities nationwide.
Dive Insight:
The University of Oregon used a student’s counseling records to defend itself in a lawsuit she filed after allegedly being gang-raped by UO basketball players. Critics have argued the university never should have been able to access those confidential records. The fact that they did has called doctor-patient privilege into question for rape victims at other campuses. The privacy “loophole” is based on a university’s ability to claim counseling records are educational records in certain contexts, and therefore available to them. The Department of Education regularly issues guidance to colleges and universities under its jurisdiction through “dear colleague” letters that have the potential to drastically alter practices at schools nationwide.