University Compliance

Information Privacy and Protection


Family Education Rights and Privacy Act (FERPA) of 1974 - Student Records

The Family Education Rights and Privacy Act of 1974, popularly known as "FERPA" or the "Buckley Amendment,"  is a Federal law that protects the privacy of student education records. This law applies to all schools that receive federal funding from the U.S. Department of Education.

University Compliance Network Contact:

Sherril Soman, Registrar, x13327

Helpful Resources:

Information regarding FERPA and FERPA-related responsibilities is available on the FERPA pages of the Registrar's Office website:

  • Students
  • Parents
  • Faculty & Staff
  • Parent/Family Access

Additional information may be obtained on the Legal, Compliance & Risk Management Division website, including training documents and applicable regulations:

  • Training Documentation (PowerPoint)
  • FERPA Questions and Answers
  • Regulations, Amendments, Analysis (U.S. Department of Education)

Health Insurance Portability and Accountability Act (HIPAA)

University Compliance Network Contact:

Scott Richardson, Associate Vice President Human Resources (HIPAA Officer), x12215

Helpful Resources:

"HIPAA is a federal law related to health insurance and medical privacy. GVSU is required by law to implement policies and procedures for protecting health information that is contained in the University's health plan."  Please refer to the HIPAA content available in the "Policies & Procedures" section of the Human Resources Office website for:

  • A Guided Tutorial for Faculty and Staff
  • Notice of Privacy Practices

See also Human Subjects Research for HIPAA requirements pertaining to research involving human subjects.

Identity Theft Detection Program (Red Flags Rule)

University Compliance Network Contact:

Pam Brenzing, Controller, Identity Theft Detection Program Administrator, x13490

Helpful Resources:

In accordance with applicable federal regulation (16 C.F.R. 681) and GVSU Identity Theft Detection Policy, the Controller serves as the Identity Theft Detection Program Administrator and chairs the Identity Theft Committee.  The committee also includes representatives from Information Technology, Registrar's Office, University Bookstore, Student Accounts, Campus Dining, Housing, Financial Aid and Public Safety Services.  Members meet regularly for training, discussion and program evaluation.

Freedom of Information Act (FOIA)

GVSU Contact:

Tom Butcher, Vice President and General Counsel, x12067

Helpful Resources:

The Freedom of Information Act (FOIA) requires full disclosure of public records, unless those records are exempt under the Act. All University personnel shall endeavor to assist, guide, and cooperate with the Legal, Compliance & Risk Management Division staff to allow the University to timely process the FOIA request.  The Legal, Compliance & Risk Management Division website includes links to:

  • Freedom of Information Act Request Form
  • Freedom of Information Act
  • Freedom of Information Act Policy

Research Information

University Compliance Network Contact:

Chair of the Human Research Review Committee, x13417

Helpful Resources:

Consult the Research Topic page of this website or consult the Human Research Review Committee website for guidance in managing research-related information.

Copyright Law

GVSU Contact:

Library Staff, x13500

Helpful Resources:

The Copyright Duplication Policy contained in the Grand Valley Manual states, "It is the policy of Grand Valley State University (hereinafter, University) to follow the United States Copyright Law of 1976, as amended, (Title 17, United States Code, hereinafter, the Copyright Act, which includes the provisions of the TEACH Act)."  Consult the policy for additional information.

Page last modified April 25, 2016