91ɬÂþ Seal (for official use only)
 

POLICY #5.39 
SUBJECT: Records Access and Management


I. PURPOSE

The purpose of this Policy is to provide policy related to Southern Utah University Records access and management matters pursuant to the Utah Government Records Access and Management Act (GRAMA), Utah Code § 63G-2-101, et seq.


II. REFERENCES

  1. Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99)
  2. Southern Utah University Policy 5.53 University Archives and Records Policy
  3. Southern Utah University Policy 5.58 University Email Policy
  4. Southern Utah University Policy 11.3 Family Educational Rights and Privacy Act
  5. Utah Code

III. DEFINITIONS

  1. Classification: "Classification," or "Classify," and their derivative forms mean determining whether a Record series, Record, or information within a Record is public, private, controlled, protected, or exempt from disclosure under GRAMA.
  2. Controlled Record: Records that include medical, psychiatric, or psychological information, or other information controlled by GRAMA.
  3. Designation or Designate: The assigned Classification or assigning a Classification.
  4. GRAMA: A comprehensive law dealing with management of Government Records. GRAMA states who has access to Records and how the law is enforced. It is an attempt to balance the public’s constitutional rights of access to information concerning public business, the individual’s constitutional right to privacy when the government gathers personal data, and the public policy interest in allowing a government to restrict access to certain Records for the public good.
  5. Private Record: A Record containing data on individuals that is private as provided by Utah Code Section 63G-2-302. This includes, but is not limited to, Records pertaining to medical history or diagnosis, employment Records, Records containing data on individuals the disclosure of which constitutes a clearly unwarranted invasion of privacy, and certain information voluntarily provided by an individual that goes into an electronic database administered by the Chief Information Officer and can be electronically retrieved and used to facilitate individual’s online interaction with the University.
  6. Protected Record: A Record that is Classified protected as provided by Section 63G-2-305. This includes, but is not limited to, Records containing trade secrets, materials for which the institution owns the intellectual property rights, test questions and answers, Records that would impair governmental procurement, Records subject to the attorney client privilege, names of donors if requested, certain higher education Records (see Utah Code Section 53B-1-102) such as unpublished lecture notes, unpublished notes, data, and information relating to research (unpublished manuscripts; creative works in process; scholarly correspondence; and confidential information contained in research proposals), and Records that would jeopardize the life or safety of an individual.
  7. Public Record: A Record that is not private, controlled, or protected and that is not exempt from disclosure under GRAMA.
  8. Record: A book, letter, document, paper, map, plan, photograph, film, card, tape, recording, electronic data, or other documentary material regardless of physical form or characteristics:
    1. that is prepared, owned, received, or retained by University; and
    2. where all of the information in the original is reproducible by photocopy or other mechanical or electronic means.
    3. a personal note or personal communication prepared or received by an employee or officer of the University:
      1. in a capacity other than the employee’s or officer’s governmental capacity; or
      2. that is unrelated to the conduct of the public’s business;
Record does NOT include:
    1. a temporary draft or similar material prepared for the originator’s personal use or prepared by the originator for the personal use of an individual for whom the originator is working;
    2. material to which access is limited by the laws of copyright or patent, unless the copyright or patent is owned by the University;
    3. proprietary software;
    4. a book that is cataloged, indexed, or inventoried and contained in the collections of a library open to the public;
    5. material that is cataloged, indexed, or inventoried and contained in the collections of a library open to the public, regardless of physical form or characteristics of the material;
    6.  a computer program that is developed or purchased by the University for its own use; or
    7. any other exclusion found in Utah Code § 63G-2-103(22)(b).
  1. Records Officer: The employee (or their designee), appointed by the University President, to work with state archives in the care, maintenance, scheduling, Designation, and Classification of University Records. The Records Officer oversees the receipt, scheduling, response, and if necessary, denial of Records requests under GRAMA. The Records Officer may also be referred to as the GRAMA officer.
  2. Restricted or Exempt Records: Information for which there are legal requirements prohibiting or imposing financial penalties for unauthorized disclosure; e.g. FERPA education Records, or other federal or state restrictions.
  3. Sponsored Research: Research, training, and other sponsored activities as defined by the federal Executive Office of the President, Office of Management and Budget:
    1. Conducted:
      1. By an institution within the state system of higher education defined in Utah Code § 53B-1-102; and
      2. Through an office responsible for sponsored projects or programs; and
    2. Funded or otherwise supported by an external:
      1. Person that is not created or controlled by the institution within the state system of higher education; or
      2. Federal, state, or local governmental entity.

IV. POLICY

  1. Making a Request for Access to Records:
    1. The University centrally manages requests for access to Records. Requests for access to Public Records shall be made in writing to the Records Officer, at openrecords@suu.edu or as otherwise set out on the University website for Records requests. The written request must include:
      1. The person's:
        1. Name;
        2. Mailing address;
        3. Email address, if the person has an email address and is willing to accept communications by email related to the person's Records request; and
        4. Daytime telephone number, and
      2. A description of the Record(s) requested that identifies the Record(s) with the reasonable specificity.
  2. University Employee Receiving a Records Request
    1. Employees shall direct to the Records Officer all written requests for access to Records, which were not sent to the Records Officer, subject to the limited exceptions set out below.
    2. The Records Officer or a Designee shall oversee GRAMA request responses, including the removal or gathering of documents and any written response.
    3. GRAMA requests are typically written and recognizable as they specifically reference “GRAMA” or are on a GRAMA form. Sometimes a requester will refer to the Freedom of Information Act (FOIA). Any request for Records that is made by a third party for Records that employees do not typically receive routine requests for or provide (such as some units who provide student Records in certain circumstances) should be referred to the Records Officer.
    4. Many requests for Records made to 91ɬÂþ are not GRAMA requests. For example, students may typically request certain Records from the Registrar’s Office, Financial Aid Office, etc., and those requests are governed by FERPA. Employees may consult the Records Officer and/or the Office of Legal Affairs with any questions about whether a request is a GRAMA Records request and whether to disclose a Record.
  3. Response to Records Request by University Records Officer
    1. Time for Response: The Records Officer makes reasonable efforts to respond within 10 business days of receipt of the GRAMA request. The response may be made within five (5) business days after receipt of the request if the requester demonstrates that an expedited decision benefits the public rather than the requester or interested party. However, if no decision is rendered during these timeframes, the failure is equivalent to a denial of the request. These timeframes may be extended depending on the circumstances.
    2. Possible Outcomes of Response: A response may include providing access to or copies of Records, and/or may include a denial of the Records to the extent the requestor is not entitled thereto (see more on denials, below). A response denying a Record request will specify the reasons for the denial. If the Records Officer does not respond within 10 business days, it is considered the equivalent of a denial of the Records request.
    3. Charges and Fees
      1. Fees: The Records Officer may charge a fee to the requester of the Records to cover the actual cost of duplicating or compiling the Records. GRAMA allows that this fee can include, but is not limited to, time spent compiling, formatting, tailoring, copying, searching, retrieving, and other direct administrative costs for complying with the request. (Utah Code § 63G-2-203.)
      2. Amounts: 91ɬÂþ’s fees are subject to change, and the fee schedule is available on the 91ɬÂþ website for GRAMA requests. The actual cost of any storage media will be requested. All other included fees will be charged at the lowest applicable hourly rate at the time of the request, except that the first quarter hour (.25) will be free of charge.
      3. Prepayment: If fees are expected to exceed $50 or the requestor has not paid prior fees, the Records Officer may require the requestor to prepay the fees based on an estimate.
      4. Fee Waiver: Any requested fee waiver will be reviewed by the Records Officer. The Records Officer determines whether to waive the fee based on the following standards, in accordance with GRAMA, but is based on the totality of the circumstances and within the discretion of the Records Officer:
        1. The release of the Record primarily benefits the public rather than a person;
        2. the individual requesting the Record is the subject of the Record, the parent or legal guardian of the subject who is an incapacitated individual or unemancipated minor, or someone with power of attorney from the subject of the Record; and
        3. the requester's legal rights are directly implicated by the information in the Record, and the requester is impecunious.
      5. Failure to Pay: The failure to pay a GRAMA fee can be grounds for the denial of future GRAMA requests and the failure to prepay the fee when requested also may result in the Records Officer not producing the Records.
  4. Reasons for Denying a Request for Access to Records: A Records access request will typically be denied for the following reasons (but the GRAMA statute provides additional reasons, which may apply from time to time):
    1. It is exempted from the definition of Record, as described above.
    2. Private Record: The requested Record is a Private Record and the requestor is not the subject of the Record;
    3. Protected Record: The requested Record is a Protected Record under GRAMA, unless the Record pertains to the person who submitted the Record or has power of attorney or a notarized release to receive the Record, and can also be received by court orders, and legislative subpoenas (Utah Code § 63G-2-305).
    4. Controlled Record: The Record includes medical, psychiatric, or psychological information, and specific requirements (such as a court order or other requirements set out in GRAMA) for disclosure are not met.
    5. Restricted or Exempt Under Other law: The Record is otherwise exempted or precluded by law from disclosure.
    6. Record does not exist: GRAMA is an open Records requirement, not an information or Records creation requirement. In response to a request, the University is not required to:
      1. create a Record;
      2. compile, format, manipulate, package, summarize, or tailor information;
      3. provide the Record in a particular format, medium, or program not currently maintained;
    7. Duplicate Request: The Records include a duplicate of a prior Records request by the same person;
    8. Records Already Available: The Records requested already are publicly available;
    9. Written Claims of Business Confidentiality: From time to time businesses who submit documents to 91ɬÂþ will make claims of business confidentiality regarding these Records. 91ɬÂþ will request that the entity submitting the Record redact all claimed confidential information. Failure to make redactions may result in release of the information. 91ɬÂþ may not make redactions related to claims of business confidentiality. Redactions are made by the submitting entity and not 91ɬÂþ, and any challenge to the scope of the redactions should not involve 91ɬÂþ as a party. (Utah Code § 63G-2-309.)
  5. Records Management: The Records Officer shall coordinate and monitor GRAMA requirements, and any relevant guidance from the Utah Division of Archives and Record Services in the Classification, Designation, and coordinate with relevant administrators on the retention schedule and storage of 91ɬÂþ Records. See 91ɬÂþ Policy 5.53.
  6. Appeals to the President for Denial of Access to Records
    1. A requester who wants to appeal a denial of access to Records shall appeal to the 91ɬÂþ President, or the President’s Designee, within 30 days of the receipt of a denial of a Records request. Utah Code § 63G-2-401. An appeal must be written and include the name, mailing address and daytime telephone number of the requester or interested party and a description of the relief sought. The requester may also include a short statement of facts, reasons, and legal authority in support of the appeal.
    2. The 91ɬÂþ President may delegate the duties of responding to an appeal under GRAMA.
    3. Appeal responses will typically be made within 10 business days of receipt of the GRAMA appeal. The response may be made within five (5) business days after receipt of the appeal if the requester demonstrates that an expedited decision benefits the public rather than the requester or interested party. However, if no decision is rendered during these timeframes, the failure is equivalent to a decision affirming the access denial.
    4. Appeals of “extraordinary circumstances” are governed by the provisions of GRAMA.
    5. The 91ɬÂþ President, or a Designee, may weigh privacy concerns and interests against access interests and allow access to specific Private or Protected Records if the interests favoring access outweigh the interests favoring restriction of access. (Utah Code § 63G-2-401(6).)
    6. The University shall send written notice of the President’s (or Designee’s) decision on appeal to all participants, and the notice shall include the components as set out in Utah Code § 63G-2-401(7).
    7. Challenges to an appeal decision from the President (or Designee) may be made by appeal to the State Records Committee or petition for judicial review.
  7. Requests from Individuals to Contest the Accuracy or Completeness of Personal Records. If an individual believes that any Public, Private, or Protected University Record concerning them is incorrect, then the individual may contest the accuracy or completeness of the Record by requesting in writing that the governmental entity amend the Record. At the University, those requests may be made to the Records Officer.

V. RELEVANT FORMS/LINKS

N/A


VI. QUESTIONS/RESPONSIBLE OFFICE

The responsible office for this Policy is the Vice President for Finance. For questions about this Policy, contact the Records Officer at openrecords@suu.edu or the Office of Legal Affairs at legal@suu.edu.


VII. POLICY ADOPTION AND AMENDMENT DATES

Date Approved: July 17, 1992

Amended: August 12, 2021; September 25, 2023 [non-substantive amendment]