Since my organization is part of the educational sector of business, there is no direct page of department within the organization that sells products. There is however third party companies that work with the institution, and of our competitors, that offer academic transcript delivery services. Docufide, an affiliation of Parchment Inc., serves as the transcript delivery service for City Colleges of Chicago where I work as a Registrar. The college used for comparison is Kankakee Community College who uses National Clearing House as the delivery service of transcript requests.

While researching the privacy policies of Docufide and National Clearing House as I target how they compare and how they use the customer (students’) information they collect, I found that both include four major issues that relate to the “Fair Information Principles”. Both policies give notice of the information practices before collecting data. The choice is given on how the information will be collected and if the information can be used. Both Docufide and National Clearing House give access to their consumers to contest accuracy and completeness of data collected about them and lastly both companies take “reasonable steps” to assure the customers that the information is secure from unauthorized use. Both policies are explicit to the fact that they will not “sell, rent, provide or otherwise share individual information generated…” from the use of the site or setting up an account with the companies’ site; except for the instances they disclosed in the policy. Both of the companies on some instances within the policies will use personal information collected to send information about the company, products and services and to contact the customer (student) when necessary and to inform the educational institutions and students about their records.

Both policies go into to explain that “de-identified” forms of students’ information will be used for statistical purposes and to help with monitoring and/or correction of the web sites’ servers. Both policies also explain what “de-identified” forms of information are; letting the customer know that “no single student or institution can be identified” from such statistics generated or used by the company. An important portion of both companies’ privacy policies is that customers may “opt out” of the disclosure of information or from the communication through email, telephone solicitations, and/or postal mail. Lastly for security, both sites use encryption technology for all personal or institution identifying information that is inputted on-line during completion of order forms or other correspondence with either company, including credit card, debit card or other billing information.

The clear difference between both companies’ privacy policies is that Docufide states clearly that the policy is subject to change and “from time to time” the notice will be displayed at least fifteen days prior to the use of the new policy. National Clearing House does not include a time frame on how far in advance notices will be displayed on the company’s website; this legal implication alone could change the way the rights for the customer can and will be enforce, depending on when the site was used.

How much protection do you think is offered by these policies?
Both have to be under The Uniformed Electronic Transactions Act (UETA) issued in 1999 because they both have to have consent from the requestor. E-signatures include encrypted digital signatures, names (intended as signatures) at the ends of e-mail messages, and clicks on a Web page if the click includes the identification of the person (Miller & Gentz, 2010, p. 220). State laws and federal laws govern e-signatures and in the case of some states such as California, prohibit many types of documents from being signed with e-signatures. According to Miller & Gentz (2010), “ in an attempt to create more uniformity among the states, in 1999 the National Conference of Commissioners on Uniform Ste law and the American Law Institute promulgated the Uniform Electronic Transaction Act (UETA), (p.221). There’s also “legal sufficiency of consideration involving the requirement that consideration be something of value in the eyes of the law, Miller & Gentz, 2010, p. 223. Their policies should also be protected under e-signature technologies, state laws governing e-signatures and federal law on e-signatures and e-documents.

How could they be improved?

Both policies did not mention topics on e-signature’s and electronic payment systems and their impact on business. Miller & Gentz, (2010), “ in 2000, Congress enacted the Electronic Signature in Global and National Commerce Act (E-SIGN Act), which provides that no contract, recorded or signature may be “denied legal effect” solely because it is in electronic form” (p. 221). For an e-signature to be enforceable, contracting parties must have agreed to use electronic signatures.” For an electronic document to be valid, it must be in a form that can be retained accurately reproduced (p 221). They should also include a refund and return policies in the event transcripts are sent in error.

Reference:

http://ccc.edu http://www.docufide.com/privacy-policy http://kkc.edu
Miller, R., & Jentz, G. (2011). Business law today (9th ed.). Mason, OH: Cengage Learning
http://www.studentclearinghouse.org/files/terms-privacy.pdf