Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68093

Membership in some groups should be hidden from some roles for FERPA/ADA compliance (data privacy issue)

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.8
    • Fix Version/s: None
    • Component/s: Groups
    • Labels:
    • Affected Branches:
      MOODLE_38_STABLE

      Description

      There is a FERPA/ADA compliance issue stemming from a design collision between the group override function and the participants page design.

      At some institutions, groups and membership in groups are used to implement accomodations for students via group override in a consistent manner (e.g. extensions to due dates, alteration to quiz time limits, etc.) Regardless of how these groups are named, the presence of students in these groups exposes their "different" status to anyone who can view this group membership.

      In at least one reported incident,  this resulted in an official complaint to OCR (U.S. Office for Civil Rights https://www.hhs.gov/ocr/index.html), which has already contacted our school to follow-up. This is based on default Moodle settings.

      The available workaround at this institution was to modify the default student role permissions to prohibit student access to the participants page. However, these options would be preferred (in order of preference):

      First choice:    Implement a "private" group checkbox for groups, and update the participants page to omit listings for groups flagged as private. Also recommended: force access restrictions based on private groups to be completely hidden (i.e. not greyed out w/ restriction condition listed) Also omit private groups from the filter except for teacher, manager, and admin roles (if this could come into effect anywhere).

      Second choice:   Update the participants page to omit group membership (this seems much less ideal since looking up your own group membership and who else is in your group seems to be a design goal of this page).

      Third choice:   Update the default student role permissions so that students cannot see the participants page by default. This is not optimal for a number of reasons.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              emdalton1 Elizabeth Dalton
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
              Votes:
              8 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 5 minutes
                  5m