Release of information through email provokes policy change
Policies around information handling are tightening following the recent release of confidential student data.
March 13, 2019
A document containing confidential student records was emailed to an undisclosed number of students on Feb. 27.
The document, which contained student names, email addresses and religious affiliations, was attached to an email promoting the Multifaith Alliance’s Christian Privilege event, scheduled for March 7. The email, which has since been deleted from Hamline’s servers by ITS, originated from Zan Christ, coordinator for Religious and Spiritual Life Programs.
Two follow-up emails were sent on Feb. 27 and on March 1 apologizing for the mistake and indicating that ITS was remotely deleting the email from Hamline’s servers.
Students’ reactions to the release of the documents ranged from critical to unconcerned.
“In my opinion, it was like an invasion of privacy, but I don’t think it deserved the amount of uproar it raised,” first-year Jailyn Robinson said. “I feel like that literally touched on the privilege that Christians have.”
Robinson said she did not realize what was in the attachment until friends started talking about it in group chats.
First-year Grace Stolte said that she worried “a little bit” about the document being accidentally released because “I don’t know who else received it.”
According to Dean of Students Patti Klein, the only recipients of the email were students whose information was on the list attached, since it was used by the Wesley Center to generate the email in the first place. Klein added that the same list was used to make sure affected students were notified of what had happened and the steps being taken to address the situation.
Junior James Rhodes questioned how the accident happened.
“I understand having a record of students and who goes to the school, but why have something like religious affiliation?” Rhodes said. “Having something like that so close to something harmless like a flyer just doesn’t make sense to me.”
According to the initial email sent by Klein, a flyer for the Multifaith Alliance’s event was supposed to have been attached to the email instead of the list. Zan Christ could not be reached for comment about how the accident occurred.
According to Klein, the list was generated by the registrar’s office at the request of the Wesley Center, who used it to contact students self-identifying as having a Christian affiliation to invite them to the event.
The list was based on data about student demographics collected by the college from questions asked during the admissions process. This data is sometimes used to reach out to groups of students. Klein said that the kinds of information released in these lists will change going forward to prevent similar accidents in the future.
“The process moving forward is that an office doesn’t have a list [with specific information attached],” Klein said. “They request a list based on a need and have a list of names and emails, and then that is used for that purpose.”
Klein said this change in policy did not specifically come as a response to this incident. She described it as an expansion of existing policies which currently regulate how the university responds to requests from outside entities such as employers for student information such as grades.
Students have the option to change their responses to questions about race and ethnicity through Piperline. They can also contact the registrar if they want their information to remain private.