Practices to Avoid
At several institutions, students must disclose their SSNs to register for courses (on-line or paper form registration processes). Some universities used the SSN for access control or electronic payment. Others required student SSNs for transcript requests.
The paper registration process unduly discloses the SSN to university registrar employees throughout the process. The on-line registration process generally results in electronic databases that identify students by SSN. Without strict application controls, individual SSNs could be compromised.
Class rosters at some universities listed the student SSN and name.
Listing SSNs on class rosters with student names exposes the SSN to university employees. At a minimum, the practice makes SSNs available to instructors. If instructors do not adequately safeguard class rosters, student names and SSNs could be vulnerable to unauthorized access.
Students must enter their SSNs to log into computers at several of the universities.
Students’ SSNs are susceptible to unauthorized disclosure during the log-in process. At one university, the SSN was displayed on the computer monitor during the log-in process. Computer users accustomed to the process can visually obtain an SSN while a student logs on.
A university required that students record their SSNs on written examinations that were graded electronically. In such instances, students entered their SSN, which was used as the primary student identifier, onto machine-readable forms. These forms and examinations provide a source for unauthorized persons to obtain student SSNs.
Instructors at some of the universities reported final grades to the registrar’s office by student SSNs.
Listing SSNs and student names on class grade reports discloses the SSN to university employees. This weakens institutional control over the SSN.
SSNs frequently appear on student ID cards. One university official stated that student SSNs were displayed on the back of ID cards. Students use this card for check cashing, registration, transcript requests, and book vouchers. At another university, students were assigned a magnetic stripe card that contained their SSN, to enter designated areas such as laboratories or gymnasiums or to initiate transactions such as making photocopies, checking out books, placing telephone calls, or purchasing meals and snacks.
SSNs were used to access the Internet and computer systems.
Although the Internet and most computer systems use encryption to prevent identity theft, it is still possible for "hackers" to access some systems. Additionally, forms that were accessible to students in the university computer systems clearly displayed student SSNs when they were printed.
Overdue Library Notices
At one university, library staff maintained overdue library book records that identified the delinquent student by name and SSN.
The paper record of overdue books containing student names and SSNs increases SSN exposure to library staff and other individuals in the work area. Additionally, the electronic database used to develop the overdue book record contained the student SSNs. Without strict application controls the SSN could be electronically compromised.
One university requested that prospective students provide their SSNs on reply cards used to schedule campus tours or informational meetings. These cards requested that students provide their name, address, telephone number, and other personal information, including SSN.
SSN on Rooming Applications
Many rooming applications have the student’s SSN, their parents and the SSN of the “planned” roommate and their parents. This is seen both by students and parents alike. Exposure to the SSN in this way can lead to potential problems. Therefore, our recommendation is that universities remove the SSN from these applications and use another unique identifier, protecting the student’s and parent’s privacy.