Policies

  • Social Media Policy
    Although Columbia does not officially monitor student’s online activity, violations of the Student Code of Conduct or official college policy that are brought to the administration’s attention will be acted on accordingly.
  • Copyright Policy
  • Family Educational Rights & Privacy Annual Notice to Students

    colum.edu/ferpa

    Columbia complies with the Family Educational Rights and Privacy Act of 1974 (FERPA), as amended, by publishing an annual notice to students explaining their rights under the act in Columbia’s catalog and Student Handbook.

    I. Upon written request, students may inspect and review their educational records by submitting their request to the registrar. Columbia will endeavor to provide the student an opportunity to inspect and review his or her educational records within a reasonable time after receiving the request, not exceeding 45 days from the receipt of the request. Students’ educational records are maintained under the supervision of the registrar in the Records Office, Room 611, 600 S. Michigan Ave., Chicago, Illinois 60605.

    II. It is Columbia's policy that no personally identifiable information from educational records will be released without prior written consent of the student, except for that information designed in this policy as directory information and such personally identifiable information that may be disclosed under the circumstances allowed under the Act and regulations passed pursuant to the Act. The following personnel are granted access to educational records without prior written consent of the student as a matter of routine and for legitimate educational purposes: the registrar, the General Counsel's Office, the student services directors, the deans, the chairpersons of the academic departments, and any of their agents. Student educational records are made available to the above designated persons in furtherance of the legitimate educational purposes of record maintenance, evaluation and advising, financial aid evaluation, review for disciplinary and academic action, and billing. 

    III. As required by the act and regulations, Columbia maintains a record of written requests for personally identifiable information whether or not such requests are granted. Each student has the right to inspect and review the record of written requests for disclosures of personally identifiable information which is maintained in his or her permanent record.

    IV. Columbia designates the following information as directory information: the student’s name; information on whether or not a student is registered at Columbia during the term in which the information is requested; dates of attendance; information concerning the student’s graduation status, including whether or not he or she has graduated from Columbia, the date of any degree awarded and the type of degree awarded; major field of study; awards received; and participation in officially recognized activities, sports and organizations. Students have the right to withhold disclosure of the above information by notifying the registrar in writing. The proper form for refusal of disclosure is available in the Records Office.

    V. A student has the right to request an amendment to his or her educational records to ensure the educational record information is not inaccurate, misleading or in violation of the student’s rights. The procedure to seek amendment of a student’s educational records is as follows:

    1. A written request must be submitted to the registrar stating the reason a student seeks to amend his or her educational record and attaching any supporting documentation to the request.
    2. Within a reasonable time after receiving the request, but in no event longer than 45 days, the registrar will issue a decision in response to the student’s request. If the decision is unfavorable, the student has the right to a hearing before a panel of associate deans on the request to amend. The student has the right to be represented by counsel at the hearing. The decision of the Academic Standards Review Committee is final.
    3. In the event of an unfavorable decision by the Academic Standards Review Committee, the student has the right to include a written statement setting forth his or her reasons for disagreeing with the committee on the matters presented in the request to amend the records.
    4. Each student has the right to file a complaint with the U.S. Department of Education concerning alleged failures by Columbia to comply with the requirements of the act and the regulations passed pursuant thereto.
  • Password Requirements

    Password Requirements

    Policy Details
    Section
    Information Security
    Policy Name Password Requirements
    Policy Approved By Senior VP of Business Affairs/CFO
    Effective Date 06/01/2018
    Policy Objective The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change. This policy reinforces information security by establishing a strong but reasonable password management practice.
    Scope The scope of this policy includes all personnel who has access to the colleges information systems.
    Defined Terms Passwords – A secret word or phrase that must be used to gain admissions or access to something.

    Phishing – A fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by discussing as a trustworthy entity in an electronic communication.
    Policy Statement The protection of confidential information and other sensitive data on the network is a fundamental responsibility of every employee and student at the college. Passwords are the keys that control access to this information.
    Passwords creation guidelines should be as follows:

    • Be a Minimum of 8 characters

    • Contain at least three of the 4 following password complexity requirements
    - Lowercase alpha characters (e.g. a, b, c, d, e, …z)
    - Uppercase alpha characters (e.g.. A, B, C, D, E, … Z)
    - Numbers (e.g. 1, 2, 3, 4, 5, …9)
    - Special characters or punctuation (e.g. ! @ # $ % ^ & * + > < { } ?)

    • Not be based on personal information (names of family, pets, etc.)

    Passwords shall be changed at a minimum of every 90 days (3 months), and the last six passwords cannot be reused. Users shall note that anytime there is a change in password, it must be updated on all devices that use the Company’s password, including smartphones, tablets, and laptops.

    All passwords should be treated as confidential information. This password shall be unique from every other password the user has. Passwords shall never be written down or recorded along with corresponding account information or usernames. Passwords shall not be shared with any other individual. Users should always be mindful of their surroundings when entering their password (e.g. ensuring no one is looking over their shoulder). If the password is forgotten, users must contact the IT Department for password reset. In the event that you suspect your account of password to be compromised in any way, immediately report the incident to your immediate supervisor or Client Services.

    The IT Department will never send an email message or make a phone call asking for the user’s password. If such a request is received, consider it a forgery (i.e. a phishing scam). Your password should never be provided to anyone including anyone from IT, when working with IT on an issue if your password is required you will be asked to type it in.
    Roles and Responsibilities Employees and students are responsible for reading, understanding and complying with the statements in this policy.