Moodle - FERPA compliance


UW-Madison has adopted Canvas as its single, centrally supported learning management system. As of 6/1/2018, support for Desire2Learn (D2L) and most Moodle courses has been discontinued. Access to those courses has permanently ended. However, certain Moodle courses that are part of the Adanced Quizzing Content Functional Gaps project are still available on Moodle. Those courses are located on the Moodle Extension site.

Registrar's suggested setting for FERPA compliance in Moodle when roster information is available through the CRIS data service.

The Registrar's office would like to see a Moodle configured with a few settings in order to meeting the established university FERPA compliance. Here is the list of setting (below are the details of how to make the settings.)
  • Set a Site Policy A site policy implies that all users view, read, and agree to the privacy responsibilities and rights established by the university in order to meet FERPA compliance.
  • Limited access to a student's full name Full Names of students are only available to those in the same course. This includes limiting access to forums and blogs to people who share a course.
Set a Site Policy To set a Moodle Site Policy, first create a site html file and second set the site policy URL.
  1. Upload an html file that will be used as the content of the Site Policy page. Use the attached file policy.html. It contains the Registrar's FERPA information clause.
    Site Administration ► Front Page ► Site files
  2. The policy URL can point to anywhere - one convenient place would be a file in the site files. eg http://yoursite/file.php/1/policy.html
    Site Administration ► Security ► Site policies
      Site Policy URL: a site file with the Registrar's FERPA information clause.
Limited access to a student's full name Full Names of students are only available to those in the same course. This is accomplished by not allowing guest's to see areas of the courses where a student's name might be available.
  • Update permissions on Guest role to comply with FERPA FERPA mandates that we protect enrollment information, even if the student hasn't requested additional protection. So, guest access should not be able to see anything that has a user name tied to it. This means you have to take out permission to view things like forum posts, and user details.
    Administration ► Users ► Permissions ► Define roles
      Guest role Edit
         moodle/user:viewdetails : Prohibit
         moodle/blog:view : Prohibit
         mod/chat:chat : Prohibit
         mod/data:viewentry : Prohibit
         mod/forum:viewdiscussion : Prohibit
  • Limit access to a users blogs to only those who share the course
    Site Administration ► Security ► Site policies
      Blog Visibility: Users can only see blogs for people who share a course

Keywords:FERPA Privacy Responsibility Registrar   Doc ID:9854
Owner:Deborah H.Group:Moodle
Created:2009-05-10 19:00 CDTUpdated:2018-03-05 17:56 CDT
Sites:DoIT Help Desk, Moodle
Feedback:  1   1