California school says records relating to shooter are protected by FERPA, HIPAA

Uncategorized

California school says records relating to shooter are protected by FERPA, HIPAA

Last month, 20-year-old Ali Syed went on a shooting spree killing three before killing himself. Student journalists at Saddleback College’s Lariat quickly learned that Syed had attended the school and began seeking more information about his attendance, Editor-in-Chief Angie L. Pineda said.

The Lariat reporters talked with a professor who taught Syed but has had difficulty getting any more information about him from school administrators. At first, school administrators said their request — for records relating to whether Syed was in the school’s programs for disabled students or those with special needs — could not be released because the records are private under FERPA, Pineda said. When she followed up, a school spokeswoman told her that HIPAA, the Health Insurance Portability and Accountability Act, protected the records from release. Pineda said the staff seeks the records because they are crucial to their reporting about what prompted Syed’s shooting and whether there were warning signs before.

Source: interview with Angie L. Pineda, Lariat editor-in-chief (March 6, 2013)

Former SPLC Attorney Advocate Adam Goldstein: We’ve heard this song and dance before from Ohio State employees, who cited FERPA and HIPAA as a basis for refusing to disclose disciplinary outcomes after sexual assault reports. Somehow, Saddleback College has managed to come up with something even dumber, here.

As the Department of Education has pointed out, FERPA does not protect the records of dead students. Syed killed himself. I’d have thought that was enough for Saddleback employees to piece it together themselves, but apparently, they’re still struggling. I’d explain it to them in smaller words but I don’t understand what part they don’t understand.

And as we’ve discussed in that Ohio State post, HIPAA only applies to organizations that are primarily in the business of providing health care. It doesn’t apply to law enforcement, it doesn’t apply to fire departments, and it doesn’t apply to university life offices. A person with basic literacy skills who is permitted to operate her own shoelaces and buttons would be able to figure this out from any summary of HIPAA anywhere, so to cite this is both a complete abdication of the basic obligation to meaningfully respond to public records requests, and evidence of someone possessing the intellectual curiosity of a cream cheese danish.  

(I apologize, that was a completely uncalled for thing to say about danishes, which are proud and noble pastries, rich with history, that have never once improperly withheld a record.)

Now, far be it from me to cast aspersions on Saddleback’s motivations, here, but I have a hard time taking them at their word that they are refusing to disclose information related to this person’s education due to an overwhelming concern with the completely imaginary privacy rights of a dead murderer. Do you think it might be possible–I mean, could it be the case–that Saddleback just doesn’t want anyone to know what services this person was or was not offered?

Let’s not forget that this same path was walked by Pima Community College in Arizona, when they cited FERPA as a basis for withholding e-mails related to their former student, Jared Loughner, who murdered six people in Tucson in January 2011. Out of their overwhelming desire to protected Loughner (and not at all out of, say, a desire to avoid anyone finding out what they knew and when they knew it), Pima Community College refused to disclose Loughner’s records, citing FERPA.

Pima lost the case, and when they finally did hand over the records (which showed that, while Pima struggled to figure out what to do, it was trying very hard to do the right thing), they also ended up handing over $25,000 in attorney’s fees.

The only real difference between Saddleback’s situation and Pima’s situation is that Loughner is still alive.  Take a minute to process that. 

A little less than two years after a court says FERPA doesn’t protect e-mails about the mental state of a campus shooter who is alive, Saddleback is citing FERPA (and the even more laughable HIPAA) as a basis for refusing to confirm the enrollment details of a campus shooter who is dead, and thus categorically exempt from FERPA.

It may be necessary to find local counsel to get a judge to order them to comply with the law. And then probably it’ll be necessary to hire some cartoonists or puppeteers to translate the judge’s order into something even a Saddleback administrator would understand.

In the meantime I’m just going to cross my fingers and hope that there has to be somebody at the college smart enough to realize how stupid this looks. Is there somebody there who is in charge of the pointy-scissors and watching the paste to make sure the other administrators don’t eat it? Can you forward this to him, please?

We rate this: Not protected by FERPA at all