The email came from the Office of the University Cashier just before 9 a.m. reminding students with due balances to pay in order to register for spring classes. Along with the students’ tuition balance, first names and PIDs were listed in the email.
University Cashier DeAhn Baucom said in a statement that the student specific information was not supposed to be sent out.
“Each email message was intended to be sent only to the appropriate individual, but instead the emails were sent as a batch and each student received multiple messages corresponding to other students,” Baucom said.
Soon after the first email was sent, a recall message was sent from the Office of University Cashier to affected students to prevent students who didn’t open the message from seeing it.
Jonathan Jones, director of the North Carolina Open Government Coalition, said for this leaked information to violate the Family Educational Rights and Privacy Act, one would have to argue students could be identified and the information disclosed was an education record. He said FERPA provides students a path to access their own information and protects the inappropriate disclosure of education and discipline records related to students.
“The names by themselves would not be (a FERPA violation),” Jones said. “Even if there was first and last name and the PID number, I don’t think that would be either because I don’t think your PID number is an education record — it’s an identifier, it’s not something that really relates to your education.”
Collections Manager for the University Cashier Keyana Kimbrough sent out an apology email to all 361 students letting them know some of their account information was inadvertently disclosed to other students.
“Although we acknowledge that this message contained personal information including your first name, PID number and balance owed, we do want to assure you that the email message did not contain your last name, Social Security number or other identifying information,” Kimbrough said in the email.
