Students and Employees
Research participation must be voluntary—prospective subjects should be able to decline or withdraw from participation at any time without negative consequences.
The Common Rule, at 45 CFR 46.116, states than an investigator should seek informed consent from a human subject "only under circumstances that provide the prospective subject...sufficient opportunity to consider whether to participate and that minimize the possibility of coercion or undue influence." Especially when they are being recruited by persons in positions of authority (e.g., faculty, employers), students and employees represent populations that are particularly vulnerable to subtle coercion, perceived pressures to accept research invitations, and undue influence.
Appropriate segments of the following statement should be incorporated into UIUC consent forms for studies where students or employees will be deliberately targeted in the research population: "Participation in this research is voluntary. Your decision to participate, decline, or withdraw from participation will have no affect on your grades at, status at, or future relations with this institution or the University of Illinois."
OHRP Guidebook
Research involving students and employees is addressed in Chapter 6, Part J of OHRP's IRB Guidebook.
Students
Alternatives to research participation must be provided to all students.Some college students are minors—when recruiting widely from a university population, especially one including freshmen, researchers should be clear on whether they will or won't exclude minors from the research study. If minors will not be excluded, parental consent must be obtained.
No UIUC department may establish a student subject pool without prior written authorization from the IRB Office. When UIUC students are enrolled in a course in which participation as human subjects forms an integral part of the course, the official University course catalogue and timetable shall state that fact in the course description. A statement such as the following shall be included in the course description: "Includes limited voluntary participation as a subject in research activities." This statement will serve to alert registrants, but it does not suffice as the only means of ensuring that the subjects' participation in a specific research activity is voluntary. Detailed guidelines are available from the IRB Office.
Less direct recruitment practices (e.g., public sign-up sheets) are preferable to person-to-person invitations (especially those made by faculty to his or her own students).
Payment in the form of course credit should not constitute a significant percentage of the total credit for the course. The investigator will be asked to provide the details about the course grading system when applying for approval of a credit-for-research agreement.
Student and Course Data Access—UIUC Policy
See the Campus Administrative Manual, Sections III-15 and III-15.1 at http://www.admin.uiuc.edu/CAM/CAM/iii/iii-15.html and at http://www.admin.uiuc.edu/CAM/CAM/iii/iii-15_1.html.This policy, governing access to student and course data, resulted from the recommendations of a campus committee appointed by the Provost and Vice Chancellor for Academic Affairs and from subsequent administrative review.
Student Data
Campus student-data access policy is predicated on requirements imposed by the Family Educational Rights and Privacy Act of 1974 (FERPA); more complete information about the campus implementation of FERPA can be found in the Code on Campus Affairs and Handbook of Policies and Regulations Applying to All Students. Related requirements governing the release and use of individually identifiable data for research can be found in the Handbook for Investigators: For the Protection of Human Subjects.
Course Data
Generally, access privileges to course information are established by the Associate Provost (333-2353) and the Office of Project Planning and Facility Management (333-1233). FERPA governs access to course information only in so far as it is contained in the records of individually identifiable students. State statute places further limits on the use of some student and course information, because the information is state property.
Data administration offices (those offices assigned the responsibility for campus-level management of data) have primary responsibility (a) for ensuring the security and proper use of data, (b) for evaluating how data will be transmitted to users, and (c) for determining levels of appropriate access for prospective users. Such offices will apply the policies in this document, weighing the goals of maximizing authorized data access against minimizing the risk of unauthorized access. Data requesters may seek higher review of administrative decisions according to generally accepted administrative guidelines.
Data administration offices assume the responsibility of disseminating information about data-access policies through printed material and staff training. In accepting access to student and course data, data users assume the responsibility of familiarizing themselves with campus policies on data access and use and of complying with those policies. Advice on data use and storage is available from offices that administer primary student and course databases and from the University Research Board. Some important elements of those policies are included on the following pages.
Access Guidelines
Access privileges are granted to specific users with defined needs. Authentication of user identity is a principal element in access control. Access control will preserve and monitor access to granted privileges and will monitor user identity.
Student Data
For the purposes of this policy, student data are classified as directory information, information that must only be used under certain restricted conditions, generally by University staff for official use.
The principal test for access privileges to nondirectory information is that the requester have "a legitimate educational interest" in the data for which access is requested. The principal requirement is that the data user limit data use to that required for fulfilling officially assigned University responsibilities.
Data may be transferred among University staff in the discharge of University responsibilities. Data must not be released to third parties outside the University, including parents of students, that FERPA considers legal third parties. Designated staff may release data in emergency situations, and parents of dependent students may certify themselves as such and be given access to their children's records.
While the audience for data access changes over time, general categories of data users and types of use are described below. Additional specific operating guidelines may apply.
Display Privileges
Directory Information. The campus has identified the following as items of directory information: name; addresses (local and home); telephone numbers; college, curriculum and major field of study; class level; date of birth; dates of attendance and full- or part-time status; eligibility for membership in registered University honoraries; degrees, honors, and certificates received or anticipated; weight and height, if an athletic team member; participation in officially recognized activities and sports; and institutions previously attended.
Information about students who choose to withhold directory information will not be included for user groups marked with *.
Directory information will be made available to all UIUC staff for official use.
*Student organizations may have access only to directory information, only upon application to and with the approval of the dean of students or the college dean, for single college organizations. Faculty/staff advisers of registered organizations may have access to machine-processable directory information by completing an agreement in which they accept responsibility to ensure that heir organizations are in compliance with data-access policy.
*The standard source of directory information for non-University organizations is the Student/Staff Directory. These organizations may be given additional access, where, in the opinion of University administrators, the organization's use of the data directly supports a University-sanctioned service.
*Honorary organizations whose directors and selection committees are not composed entirely of faculty may have access only to directory information for membership selection.
Directory information provided to units other than academic and administrative ones is released only for the purpose described in the request. Other use is strictly prohibited.
Nondirectory Information. All data collected about students that are not specifically defined as directory information are considered nondirectory information. General categories of nondirectory information include identification, demographic, address, admissions (class ranks, standardized test scores, post-secondary grades), detailed previous institutional attendance, standardized tests, placement and proficiency exam, UIUC program participation, academic status, UIUC course enrollment and grades, teacher certification, evaluation of degree progress, family financial data, financial needs, financial aid awards, student account, loan repayment and other financial performance, and details about eligibility for participation in athletic events.
Global Privileges. (All data for all students).
College deans and principal advisory staff in college offices; chief advisers in schools and academic departments; data administration offices; and senior administrative staff in student affairs units have access to these data.
Cohort Privileges
Cohorts of student records may be organized in any of four general ways:
By student's advising college/department—Advising units have access to all data for the students they advise.
By student course enrollment—Teaching units have access to that information necessary for the administration and evaluation of their teaching activities. This includes information necessary for the ordinary operation of teaching activities and information used in research efforts to improve instructional effectiveness. Faculty members who have no advising responsibilities do not have access to academic history information of individual students.
By program participation—Units that operate student support programs have full or selected data about students in that unit's program.
By special cohorts identified from the basic eligibility criteria of honorary organizations—If the entire membership of the executive and membership selection committees are faculty members, the organization may have access to nondirectory information for the purpose of selecting prospective members.
Student Controlled Privileges
Students may allow access to their records by prior consent.
Users not otherwise eligible to access directly nondirectory information may obtain such access by obtaining the student's written permission to access centrally stored data.
Students may grant access to centrally stored data by providing their network ID and password to staff for example, to those advisory staff who would not otherwise have such access.
Research Privileges
Stripped of data elements that can identify individual students, student records on selected databases are made available to all campus staff for unlimited research use without special prior review. Published research results must still ensure the anonymity of research subjects.
Where University faculty and staff researchers must maintain the individual identity of the subject throughout the research, for example, where it is necessary to merge student data with other independently collected subject data, data will be provided to those researchers upon prior written request that complies with FERPA and the Institutional Review Board's guidelines.
Update Privileges
Students may update those items of their own data that are appropriate and where procedures can be developed to authenticate student identity reliably.
Other update access to student and course data is established by common agreement between the primary data administrators and other campus units in a position to collect data effectively.
Course Data
For access considerations, course data are classified as published information that is public and as nonpublished information for which there is restricted access. Published information is typically that which appears in the Courses, Undergraduate Programs, and Graduate Programs catalogs, and in the Timetable. Nonpublished information includes the data maintained by departments in the management of seat assignment and research data about instructional programs.
Students, staff, and the general public are granted display privileges for all published course information. This information may not be electronically copied or reproduced without University permission.
Access to nonpublished course information is generally limited to teaching departments, those beyond departments in the administrative reporting path to the Chancellor, and those administrative departments authorized by the Provost and Vice Chancellor for Academic Affairs.
Questions concerning this policy statement should be directed to the Associate Director for Systems, Office of Admissions and Records, 333-6383 or Assistant Vice President for Systems Development, Office of Administrative Information Systems and Services, 244-0100.
Date Issued: May 21, 1996
Issued by: Office of Administrative Information Systems and Services
Approved by: Office of the Provost and Vice Chancellor for Academic Affairs
Public Relations, Records and Information: Section III - 15
Top