Policy Author:
Office of Information Technology
Responsible Office-Department:
Office of Information Technology
Effective Date of Policy:
January 14, 2015
Last Updated:
January 14, 2025
Purpose
The purpose of this policy is to ensure that Daemen University operates in compliance with the provisions of the United States Federal Higher Education Opportunity Act (HEOA) concerning the verification of student identity in distance education.
All credit‐bearing courses and programs offered through distance education methods must verify that the student who registers for a distance education course or program is the same student who participates in and completes the course or program and receives academic credit. According to the HEOA, one or more of the following methods must be used:
- An individual secure login and password,
- Proctored examinations, and/or
- Other technologies or practices that are effective in verifying student identification.
All methods of verifying student identity in distance learning must protect the privacy of student information.
Narrative
All individuals accessing the University’s technology systems and network are bound by our Acceptable Use Policy as outlined in the Student Handbook and on the University’s website.
The Acceptable Use Policy explicitly states:
“Accounts on University servers are issued to individual users and are not transferable. The person to whom an account is granted is responsible for all use of that account. Sharing an account or password is not permitted, and users are required to take reasonable steps to ensure the security of their account. Making computing resources available to non-authorized users in any other manner is not permitted. All University faculty, staff, and student employees are required to abide by the University’s Confidentiality Agreement.”
Ensuring Student Identity Verification in Distance Education Courses
The aforementioned authentication credentials secure and verify access to most Daemen technology systems, including our Learning Management System (Blackboard), Student Information System (Ellucian Colleague), web portal (MyDaemen), and email and calendaring platform (Google Apps).
Daemen University students register for all courses using their authentication credentials to access the online registration utilities within Ellucian SelfService. Those credentials are required to access the Learning Management System and most other technology systems.
Protection of Student Privacy
Family Education Rights and Privacy Act (FERPA)
Parents granted the right to review or inspect their children’s education records under FERPA are directed to contact the Registrar’s Office to obtain the necessary information. Parents cannot verify a student’s identity. This process can only be done by the student.
Student Record Access
Our Student Information System (Ellucian Colleague) records all confidential student records. Select University administrators have access to institutional data stored in this system. The system is accessed through a web interface protected by an SSL certificate (DigiCert SSL Certificate), and personnel use their Active Directory authentication credentials to gain access.
Students have access to only their student records. They access their information stored within our Student Information System (Ellucian Colleague) using the Ellucian SelfService platform. SelfService is protected by an SSL certificate, and students can use their Active Directory authentication credentials to gain access.
Resetting Student Passwords
Students are allowed and encouraged to reset their passwords often. However, only the student may reset their password, and parents may not request a password change. As of December 3, 2024, password resets will no longer be conducted via telephone. Instead, a video call with the user is required, or the user may use the online password reset tool.
The password reset tool is a website available on the MyDaemen portal. The password reset tool prompts the user to log in to MyDaemen to re-enter their current password and then to choose and confirm a new one. All passwords must meet our minimum password strength requirement:
- is at least 16 characters long
- not a dictionary word
- contains numbers and letters (upper and lower case)
- contains characters such as &, *, $, @, <, -, +, or !
If our email systems administrators are notified that a student’s account may have been compromised, they immediately lock access to the account. After locking the account, they check it for any settings that may have been changed without the student’s knowledge. If changes are found, we correct the settings before allowing the student to reset their password and regain access to their account.
Additional Charges Associated with Student Identity Verification
Daemen University does not assess any additional charges associated with student identity verification procedures, such as proctoring fees.
Consistent Application of Student Identity Verification Procedures
The Office of Information Technology (OIT) consistently applies student identity verification procedures. OIT reviews these policies and procedures annually in August.