Users' personal information may, under certain circumstances itemized below, be disclosed to other users in Blackboard Learn. These disclosures and the user's right to choose privacy options are in keeping with FERPA regulations.

Blackboard Learn users who have access to the Administrator Panel may be allowed to view personally identifiable information because they are "school officials with legitimate educational interest." Administrators can view (and in some cases change) users' personal information, including student IDs, grades and other education records, passwords, contact information, and roles in courses, organizations, and Outcomes system contexts. System roles can also be given privileges to access Outcomes Assessment contexts as well as courses and organizations, including the course or organization Control Panel. Institutions need to use caution and good judgment when granting users administrative roles that have privileges to access the paths listed in System Administration Paths.

Privileges can be customized by the institution to limit which system roles have administrative access to users' personal information.

As a security precaution, only administrators can modify privileges.

Institutions can achieve a satisfactory balance between protecting privacy and giving users with "legitimate educational interest" the information they need to do their jobs by assigning roles and configuring privileges appropriately.


System administration paths

The paths listed below give administrators access to personal information.

Administrator Paths to Personal Information
(Course Catalog module) Course Catalog Browse > Preview course with Control Panel and Quick Enroll links in Menu
(Organization Catalog module) Organization Catalog Browse > Preview org with Control Panel and Quick Enroll links in Menu
Administrator Panel (Content Management) > Administrator Search
  > Manage Content
Administrator Panel (Communities) > Domains
  > eCommerce > Payment Gateway
  > Payment Gateway Reports
  > eCommerce > Reports > eMarketplace Reports
  > eCommerce > Reports > My Accounts Report
  > eMarketplace > Orders
  > eMarketplace > Vendors
  > Modules (delegated module administration)
Administrator Panel (Organizations) > Organizations > Archive Organization
  > Organizations > Copy Organization > Copy Organization with Users (Exact Copy)
  > Organizations > Modify Organization > Access Statistics
  > Organizations > Modify Organization > Enrollments
  > Organizations > Preview org with Control Panel and Quick Enroll links in Menu
  > Organizations > Restore Organization
Administrator Panel (Courses) > Courses > Archive Course
  > Courses > Copy Course > Copy Course with Users (Exact Copy)
  > Courses > Modify Course > Course Access Statistics
  > Courses > Modify Course > Enrollments
  > Courses > Preview course with Control Panel and Quick Enroll links in Menu
  > Courses > Restore Course
Administrator Panel (Users) > Users

Log files

Log files contain records of specific events and user actions in the system and therefore include personal information. Institutions need to use caution and good judgment when granting users system roles that have privileges to access the paths listed below. Access to the logs can be controlled in the user interface (UI) through flexible privilege management. Logs are also accessible using the command line, and only trusted users should be granted access to command line actions.

The following paths give administrators access to log files:

Administrator Paths to Log Files
Administrator Panel (Tools and Utilities) > Logs > Download System Logs
Administrator Panel (Tools and Utilities) > Logs > Send System Logs

Integrated learning environments

Vista and CE Learning Systems have their own privacy and personal information options. When these systems are integrated with Blackboard Learn, the user's privacy choices in their native Vista or CE learning environment do not carry over into Blackboard Learn or the other way around. Users need to set their privacy options in each system separately.


Snapshot

Snapshot provides the ability to bulk load user data and synchronize user data with external systems. If an institution is creating and modifying users in the system using Snapshot, any privacy 'flags' for the user's privacy options can be populated from an external data source. Many institutions use this function to transfer the 'FERPA flags' that are typically stored in the student information system directly into Blackboard Learn.

Because Snapshot is a powerful tool with full access to user data as well as other sensitive system data, only trusted users should be granted access to Snapshot command line actions.


User Selector

When an administrator needs to select another user, to enroll them in a course for example, they can browse for other users with the User Selector, which displays users' names, usernames, and email addresses. With the exception of Content Management, this function is only available to administrators, instructors and leaders (and similar roles) in courses and organizations, and managers in the Outcomes System, all of whom are generally "school officials with legitimate educational interest."


Content management

One of the primary purposes of the Content Collection is for users to share content with one another. Users can be uniquely identified only by their usernames, so the username is displayed as part of the path in the /users directory. To select which people to give permission to for sharing, a user will see a list of other users in the User Selector, which displays the users' names and usernames.

If the institution wants to restrict this display of personal information, they can set the Content Collection privacy settings so that only users who have opted in to be included in the User Directory will be included in searches in the Content System User Selector. This setting is under Administrator Panel > Content Management > Content Management Settings > Privacy Settings.

Users can also independently decide not to share any content that is in their /users directory with other users in the system. This action prevents others from seeing their username in the path for that content. Alternatively, users can send passes and permanent URLs to other users to share content, hiding the path location of the content and protecting their usernames from being revealed.


Community Engagement discussion boards

The name of a user who posts to a Community Engagement discussion board is displayed, along with the posting, to all users participating in the discussion. To avoid this display of personal information, the user can choose to post to the discussion board anonymously if anonymous posts have been enabled.

The ability to create Community Engagement discussion boards can be turned off by making the Discussion Board Creation module unavailable and using flexible privileges to restrict access to Administrator Panel > Communities > Discussion Boards.


Building blocks

Homegrown or commercial building blocks can be installed that access users' personal information, with or without the users' consent. When a building block is made available, the administrator reviews a disclosures page that states whether the building block accesses users' personal information. The administrator needs to be careful to only install building blocks that are trusted, particularly if they access users' personal information. Building Blocks may also include links to external systems that have their own privacy policies and settings.