It has been more than a year since Collin’s Law went into effect, increasing hazing reporting and response requirements for Ohio colleges and universities. The legislation expanded the definition of hazing, increased the penalties for failure to report hazing, required colleges and universities to adopt an anti-hazing policy and to train students on hazing awareness and prevention. For public and private higher education institutions, Collin’s Law also added two reporting requirements found in Ohio Revised Code § 3334.19.
The first reporting requirement is a summary report that must be published on or before January 15, 2023. This “initial report” is a five-year look back on all reported incidents of hazing since October 7, 2021 (the effective date of Collin’s Law). The scope of the initial report and the need to be mindful of maintaining the confidentiality of FERPA-protected information is discussed in more detail below.
The second reporting requirement is an ongoing one. During this current academic year, higher education institutions are required to maintain a report of violations of the institution’s hazing policy, which is published on their websites twice a year. The ongoing report needs to contain all of the following: (1) the name of the subject of the report; (2) the date when the subject of the report was charged with a violation of the institution’s policy or other state law regarding hazing; (3) a general description of the violation, and any investigation and findings by the institution, and any penalties imposed on the subject of the report; and (4) the date on which the matter was resolved. R.C. § 3345.19(D)(1).
Be aware of the scope of the five-year initial report.
The “initial report,” which includes “information concerning hazing violations that have been reported to the institution for the five consecutive years prior to the effective date of [Collin’s Law],” is required to include the same information listed in the ongoing report. However, Collin’s Law recognizes that colleges and universities may not have retained all of the information requested for the ongoing hazing reports. See R.C. § 3345.19(D)(3).
Collin’s Law’s reporting requirements in R.C. § 3345.19(D) for the initial report and the ongoing report are written in a potentially ambiguous manner. The ongoing report requires only information related to “violations” of the institution’s hazing policy or Ohio laws regarding hazing. But the five-year initial report requires the college to disclose “information concerning hazing violations that have been reported to the institution.” The new law’s description of the initial report could be read in a way that requires the institution to publish reported hazing conduct in which the institution found an individual or entity responsible through an on-campus investigation for hazing and those cases where the charged party was found to be not responsible for violating college policy.
Institutions should contact their legal counsel to determine the scope of their initial report and whether the institution should include all reported incidents of hazing and their conduct outcomes, even where an individual or organization was found to be not responsible.
The ongoing and initial reports must comply with FERPA.
Collin’s Law recognizes that the initial and on-going reports must be written in a manner that does not violate the Family Educational Rights and Privacy Act of 1974 (FERPA), 20 U.S.C. § 1232(g), and its related regulations found at 34 C.F.R. Part 99. See R.C. § 3345.19(D). Recall that FERPA prohibits the release of a student’s personally identifiable information without the individual’s consent.
FERPA defines “personally identifiable information” broadly. The definition includes “other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school or community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty[.]” 34 C.F.R. § 99.3. So, your initial report will need to be reviewed to ensure that a reasonable person at the institution or in the local community who reviews the information would not be able to identify a specific student with reasonable certainty. Let’s go over an example that could meet this definition.
Your initial draft report will likely contain information related to reports and investigations involving student organizations. In this hypothetical, the draft report not only identifies a student organization by name but also refers to “the president” of the student organization as a “subject of the report” at the time the report was made. It does not use that student’s name.
This scenario should be instantly familiar and should also set off alarm bells. A reasonable community member would be able to identify this specific student with reasonable certainty based on information that would be publicly available to members of the campus community – the name of the president of a student organization may be easily accessible through a simple search of the institution’s office of student activities website, a quick review of a yearbook, or scrolling through the social media accounts of the organization or the institution. It is important to review these reports with the goal of meeting Collin’s Law’s disclosure requirements without disclosing protected information.