Legal Counsel > Legal Topics & Frequently Requested Information

Legal Topics

Frequently Requested Information

Contracts
Email and Electronic Discovery
Federal and State Agency Inspections
FERPA and Privacy Issues
HIPAA
Compliance / Risk Management
Logo and Name Use
Copyright / Intellectual Property
Service of Process of Subpoenas
Charitable Giving Measures Impacting Colleges and Universities

Charitable Giving Measures Impacting Colleges and Universities

For information on how recent federal legislation has impacted charitable giving, please see http://www.nacua.org/nacualert/docs/Pension.asp.

Compliance / Risk Management

For information on insurance and releases, conflicts on interest, and risk management, please contact Brian Burns, Assistant General Counsel and Director of Risk Management.

Contracts

The University Counsel’s Office reviews the form of all contracts and agreements to which the University is a party prior to signature. Our office can provide model agreement templates for departments, and is available to assist departments in negotiating agreements. For information and questions about contracts, please contact Karen Abbott, Assistant University Counsel.

See Form section.

Email and Electronic Discovery

Be careful What You Put In Writing...

Question: I've heard that e-mail may be used as evidence in a lawsuit; is e-mail subject to discovery in litigation?

Answer: Yes. In litigation, e-mail is a discoverable form of communication. Some people treat e-mail as if it were casual, oral communication, the kind of discussion they might have with a good friend. However, while oral communications go away, except as may be preserved in one's memory, e-mails do not. E-mails get saved, copied, printed, forwarded, filed, and even when deleted by you, may be archived elsewhere or may have been kept by the party with whom you're communicating. And when printed, e-mails look like memos or letters.

Therefore, it's important to keep in mind that what you write may some day be evidence. Utilize the same thought and care in e-mail communication that you use in other forms of business and professional communication.

Federal and State Agency Inspections

Question: A state inspector stopped by my work area and asked what chemicals I work with and where they are stored. Should I have given the inspector the information?

Answer: Regulatory agencies conduct a number of routine inspections at our facilities but MUST be accompanied by and administrative representative of the University who has thorough knowledge of the program being inspected or audited. For example, an inspector from Occupational Health and Safety Administration (OSHA) or the Massachusetts Department of Environmental Protection (DEP) may request to visit research laboratories selected at random to determine if the University has implemented safe work practices with chemicals or is properly storing hazardous materials. In this case, the inspector would need to first meet with a representative of the Northeastern University Environmental Health and Safety (EH&S) Office to identify the purpose of the visit and request permission to visit any work area. As part of implementing the University safety policy, unauthorized visitors must be immediately asked to leave the work area, especially an area where hazardous materials are stored or used.

Inspectors have the right of entry to inspect in most cases, as determined by applicable occupational or environmental regulatory statute. Northeastern University will always fully cooperate with official inspections and the EH&S representative will escort the inspector. The EH&S representative will arrange for access to restricted areas as needed and will be able to provide additional information on safety programs implemented for that work site and answer any questions the inspector may have. So, as in the instance you describe in your question above, should any unauthorized visitor or inspector come to your work site, contact your supervisor who then must contact immediately the appropriate University administrator and the University's Environmental Health and Safety Office.

For further information on how NU fulfills its obligations to be in compliance with all occupational health, safety, and environmental rules and regulations, please visit the Office of Environmental Health and Safety at http://www.ehs.neu.edu/index.php.

FERPA and Privacy Issues

FERPA (Family Educational Rights and Privacy Act) protects students' privacy in their "education records", broadly defined as "those records, files, documents, and other information directly related to a student and which are maintained by an educational...institution or by a person acting for such...institution". 20 U.S.C. Section 1232g(a)(4)(A).

Posting Class Rosters

Question: Are there any FERPA problems raised by computer-posting a class list for students, containing phone numbers and e-mail addresses?

Answer: If you intend to create an accessible computer-based class roster including such information as students address, telephone numbers and/or e-mail addresses, you must advise the students of your plan in your syllabus. And students must have an opportunity to fully participate without disclosing the requested information. While you may be well-intended, just trying to provide a convenience for your students, acting without consent in this type of scenario may put you in violation of FERPA (Family Educational Rights and Privacy Act)

So-called "directory information", however, can be released without violating the protections of FERPA. FERPA defines "directory information" as "information contained in an education record that would generally not be considered harmful or an invasion of privacy if disclosed, including but not limited to, the student's name, address, telephone listing, electronic mail address, photograph, date and place of birth, major field of study, dates of attendance, grade level, enrollment status, participation in officially recognized activities and sports, weight and height of members of athletic teams, degrees, honors and awards received and the most recent educational agency or institution attended". 20 U.S.C. Section 1232g(a)(5)(A); 34 C.F.R. Section 99.3. The University may disclose directory information where it has given public notice to students and the types of information it has designated as directory information and provided the student with the opportunity to opt out of having any or all of those types of information disclosed as directory information. 34 C.F.R. Section 99.37.

Northeastern University has designated only the following as directory information: Full name, date of birth, major field of study, dates of attendance, class year, degrees and awards received, most recent previous educational institution attended, participation in formerly recognized University athletics, weight and height of members of athletic teams, participation in officially recognized University activities and student organizations. The University's designation of what constitutes directory information is published in the Northeastern University Undergraduate Student Handbook. Note that the University's designation does not include address, telephone listing or electronic mail address. Therefore, if you want to post such information, a written in-advance go ahead from your students is the prudent approach.

For information about how Northeastern implements FERPA, see http://neu.edu/registrar/ferpa.html.

HIPAA

HIPAA (Health Insurance Portability and Accountability Act) protects protected health information that is maintained and transmitted electronically. HIPAA requires administrative, technical and physical safeguards for storage, transmission, and access.

University’s HIPAA Security Officer: Glenn Hill, CISSP, IAM, Manager of IT Security
University’s HIPAA Privacy Officer: Nan Clark Regina, Director, Division of Research Integrity

Logo and Name Use

For information about use of Northeastern’s name and logo, visit the Division of Marketing and Communications Branding Toolkit at http://www.northeastern.edu/toolkit/overview.html/.

Intellectual Property / Copyright Questions

University Copyright Officer: Gerald Herman, Asst. Professor and Special Asst. to University Counsel

Service and Process of Subpoenas

From time to time, University personnel are asked to accept official legal documents such as subpoenas or summonses. Notices are sometimes addressed to the University itself, to individually named officials of the University, or to individual members of the University community. In some instances, legal notices are received by mail; in other instances, they may be hand-delivered by a "process server" (such as a constable or deputy sheriff).

The Counsel’s Office is the registered agent for Northeastern University, meaning that all subpoenas must be served on the Counsel and should not be directed to any other department.

A subpoena is an official court document that requires the recipient to appear in court, and often to produce documents. If you are served with a subpoena, please inform the server that you are not authorized to receive it and ask that they bring it directly to the University Counsel’s Office. This is extremely important. Please do not try to execute the subpoena’s request on your own, even if the request seems simple and straightforward, as it may have serious legal consequences for the University. If you are asked to accept service of a summons or subpoena addressed to the University or an individual other than yourself, refer the process server to the Office of University Counsel (378 Columbus Place), which will determine whether it can be accepted by the University.

Once the University Counsel receives the subpoena, we may ask your department to produce certain records or other information requested in the subpoena. Generally, the Registrar’s Office facilitates this process, and may also ask you for documents. We ask that you please cooperate with the Registrar’s Office and respond quickly to their needs. If you have any questions about requests, please feel free to contact our office.

If you are contacted by an attorney, please refer that attorney to the Office of University Counsel.

Background Checks

In addition to persons serving subpoenas, you may also be approached by someone who is looking for private information about a student or an employee or who wants to perform a background check. Please be advised that anyone requesting these items should be directed to the Counsel’s Office. It is imperative that we check an individual’s credentials before providing him or her with confidential documents.


Legal Topics & Frequently Requested Information Immigration University Resources Forms Newsletter Staff Other Legal Resources Legal Links Contact Us NACUA Notes Contract Review Policy	Legal Topics Frequently Requested Information Contracts Email and Electronic Discovery Federal and State Agency Inspections FERPA and Privacy Issues HIPAA Compliance / Risk Management Logo and Name Use Copyright / Intellectual Property Service of Process of Subpoenas Charitable Giving Measures Impacting Colleges and Universities Charitable Giving Measures Impacting Colleges and Universities For information on how recent federal legislation has impacted charitable giving, please see http://www.nacua.org/nacualert/docs/Pension.asp. Compliance / Risk Management For information on insurance and releases, conflicts on interest, and risk management, please contact Brian Burns, Assistant General Counsel and Director of Risk Management. Contracts The University Counsel’s Office reviews the form of all contracts and agreements to which the University is a party prior to signature. Our office can provide model agreement templates for departments, and is available to assist departments in negotiating agreements. For information and questions about contracts, please contact Karen Abbott, Assistant University Counsel. See Form section. Email and Electronic Discovery Be careful What You Put In Writing... Question: I've heard that e-mail may be used as evidence in a lawsuit; is e-mail subject to discovery in litigation? Answer: Yes. In litigation, e-mail is a discoverable form of communication. Some people treat e-mail as if it were casual, oral communication, the kind of discussion they might have with a good friend. However, while oral communications go away, except as may be preserved in one's memory, e-mails do not. E-mails get saved, copied, printed, forwarded, filed, and even when deleted by you, may be archived elsewhere or may have been kept by the party with whom you're communicating. And when printed, e-mails look like memos or letters. Therefore, it's important to keep in mind that what you write may some day be evidence. Utilize the same thought and care in e-mail communication that you use in other forms of business and professional communication. Federal and State Agency Inspections Question: A state inspector stopped by my work area and asked what chemicals I work with and where they are stored. Should I have given the inspector the information? Answer: Regulatory agencies conduct a number of routine inspections at our facilities but MUST be accompanied by and administrative representative of the University who has thorough knowledge of the program being inspected or audited. For example, an inspector from Occupational Health and Safety Administration (OSHA) or the Massachusetts Department of Environmental Protection (DEP) may request to visit research laboratories selected at random to determine if the University has implemented safe work practices with chemicals or is properly storing hazardous materials. In this case, the inspector would need to first meet with a representative of the Northeastern University Environmental Health and Safety (EH&S) Office to identify the purpose of the visit and request permission to visit any work area. As part of implementing the University safety policy, unauthorized visitors must be immediately asked to leave the work area, especially an area where hazardous materials are stored or used. Inspectors have the right of entry to inspect in most cases, as determined by applicable occupational or environmental regulatory statute. Northeastern University will always fully cooperate with official inspections and the EH&S representative will escort the inspector. The EH&S representative will arrange for access to restricted areas as needed and will be able to provide additional information on safety programs implemented for that work site and answer any questions the inspector may have. So, as in the instance you describe in your question above, should any unauthorized visitor or inspector come to your work site, contact your supervisor who then must contact immediately the appropriate University administrator and the University's Environmental Health and Safety Office. For further information on how NU fulfills its obligations to be in compliance with all occupational health, safety, and environmental rules and regulations, please visit the Office of Environmental Health and Safety at http://www.ehs.neu.edu/index.php. FERPA and Privacy Issues FERPA (Family Educational Rights and Privacy Act) protects students' privacy in their "education records", broadly defined as "those records, files, documents, and other information directly related to a student and which are maintained by an educational...institution or by a person acting for such...institution". 20 U.S.C. Section 1232g(a)(4)(A). Posting Class Rosters Question: Are there any FERPA problems raised by computer-posting a class list for students, containing phone numbers and e-mail addresses? Answer: If you intend to create an accessible computer-based class roster including such information as students address, telephone numbers and/or e-mail addresses, you must advise the students of your plan in your syllabus. And students must have an opportunity to fully participate without disclosing the requested information. While you may be well-intended, just trying to provide a convenience for your students, acting without consent in this type of scenario may put you in violation of FERPA (Family Educational Rights and Privacy Act) So-called "directory information", however, can be released without violating the protections of FERPA. FERPA defines "directory information" as "information contained in an education record that would generally not be considered harmful or an invasion of privacy if disclosed, including but not limited to, the student's name, address, telephone listing, electronic mail address, photograph, date and place of birth, major field of study, dates of attendance, grade level, enrollment status, participation in officially recognized activities and sports, weight and height of members of athletic teams, degrees, honors and awards received and the most recent educational agency or institution attended". 20 U.S.C. Section 1232g(a)(5)(A); 34 C.F.R. Section 99.3. The University may disclose directory information where it has given public notice to students and the types of information it has designated as directory information and provided the student with the opportunity to opt out of having any or all of those types of information disclosed as directory information. 34 C.F.R. Section 99.37. Northeastern University has designated only the following as directory information: Full name, date of birth, major field of study, dates of attendance, class year, degrees and awards received, most recent previous educational institution attended, participation in formerly recognized University athletics, weight and height of members of athletic teams, participation in officially recognized University activities and student organizations. The University's designation of what constitutes directory information is published in the Northeastern University Undergraduate Student Handbook. Note that the University's designation does not include address, telephone listing or electronic mail address. Therefore, if you want to post such information, a written in-advance go ahead from your students is the prudent approach. For information about how Northeastern implements FERPA, see http://neu.edu/registrar/ferpa.html. HIPAA HIPAA (Health Insurance Portability and Accountability Act) protects protected health information that is maintained and transmitted electronically. HIPAA requires administrative, technical and physical safeguards for storage, transmission, and access. University’s HIPAA Security Officer: Glenn Hill, CISSP, IAM, Manager of IT Security University’s HIPAA Privacy Officer: Nan Clark Regina, Director, Division of Research Integrity Logo and Name Use For information about use of Northeastern’s name and logo, visit the Division of Marketing and Communications Branding Toolkit at http://www.northeastern.edu/toolkit/overview.html/. Intellectual Property / Copyright Questions University Copyright Officer: Gerald Herman, Asst. Professor and Special Asst. to University Counsel Service and Process of Subpoenas From time to time, University personnel are asked to accept official legal documents such as subpoenas or summonses. Notices are sometimes addressed to the University itself, to individually named officials of the University, or to individual members of the University community. In some instances, legal notices are received by mail; in other instances, they may be hand-delivered by a "process server" (such as a constable or deputy sheriff). The Counsel’s Office is the registered agent for Northeastern University, meaning that *all subpoenas must be served on the Counsel* and should not be directed to any other department. A subpoena is an official court document that requires the recipient to appear in court, and often to produce documents. If you are served with a subpoena, please inform the server that you are not authorized to receive it and ask that they bring it directly to the University Counsel’s Office. This is extremely important. Please do not try to execute the subpoena’s request on your own, even if the request seems simple and straightforward, as it may have serious legal consequences for the University. If you are asked to accept service of a summons or subpoena addressed to the University or an individual other than yourself, refer the process server to the Office of University Counsel (378 Columbus Place), which will determine whether it can be accepted by the University. Once the University Counsel receives the subpoena, we may ask your department to produce certain records or other information requested in the subpoena. Generally, the Registrar’s Office facilitates this process, and may also ask you for documents. We ask that you please cooperate with the Registrar’s Office and respond quickly to their needs. If you have any questions about requests, please feel free to contact our office. If you are contacted by an attorney, please refer that attorney to the Office of University Counsel. Background Checks In addition to persons serving subpoenas, you may also be approached by someone who is looking for private information about a student or an employee or who wants to perform a background check. Please be advised that anyone requesting these items should be directed to the Counsel’s Office. It is imperative that we check an individual’s credentials before providing him or her with confidential documents.
Northeastern Home Find Faculty & Staff Find A-Z Search © 2007 Northeastern University • 360 Huntington Ave., Boston, Massachusetts 02115 • 617.373.2000 • TTY 617.373.3768