School Law & Legislative Update: New Laws In Effect 2024

Act 24 of 2023:

Effective 11/06/2023. Adds Section 1302.1 to the Public School Code entitled “Military Child Advance Enrollment” to require schools to develop a policy on enrollment of students to allow a child whose parent or guardian is an active duty member of the armed forces and has received orders to transfer into or within the Commonwealth of Pennsylvania to enroll in the school district prior to establishing residency for purposes of Section 1302 upon providing a copy of the official military orders and proof of the parent/guardian’s intention to move into the school district. This proof may include a signed contract to purchase a home, a signed lease, or statement from the parent/guardian stating their intention to move into the school district.

Act 26 of 2023:

Effective 01/05/2024. Repeals section 1112 of the Public School Code that prohibits teachers from wearing any dress, mark emblem or insignia indicative of their faith or denomination. This Act was passed on November 6, 2023 and is effective in 60 days.

Act 33 of 2023:

Effective 12/13/2023. Omnibus amendments to the Public School Code of 1949 including the following provisions:

Read the entirety of Act 33 here.

HIGHLIGHTS INCLUDE:

• Added a new Article XII-B entitled “Educator Pipeline Support Grant Program.” This is a new program within the Pennsylvania Higher Education Assistance Agency (PHEAA) to awards grants to individuals who are seeking placement as student teachers. Ten million dollars is available for implementation of the program, and the minimum grant available to a student teacher is $10,000. An additional minimum grant of $5,000 is available to a student teacher who is student teaching in a school entity in an area that “attracts few student teachers” or that “has a high rate of open teaching positions.” In addition to the student teacher receiving a grant payment, the student teacher’s cooperating teacher shall also receive a minimum grant of $2,500, unless the cooperating teacher receives compensation from an institution of higher education for servicing as a cooperating teacher.

• Section 1302-C (relating to school safety) is amended to now require that when a school police officer is appointed by a court, the court order must be submitted to the School Safety and Security Committee established under Section 1302-B. In addition, a school that has previously applied to court to appoint a person to act as a school police officer prior to the effective date of this subsection is required, within 120 days of the effective date of this subsection, submit a copy of the court order relating to the appointment of each school police officer to the committee. This subsection takes effect immediately.

• Adding a new Article XXVI-L entitled “School environmental Repairs Program,” to provide for a restricted account in the Commonwealth general fund to provide grants for the abatement or remediation of environmental hazards in school buildings; PDE is to develop an application process for schools to apply for the grants; eligible projects include abatement or remediation of lead in water sources, asbestos and mold inside the school building; the school must have a local match of at least 50% of the total cost of all the projects listed in its application; the local match may come from any non-state source funding, including federal and local donations, and the local match must be documented as part of the application.

Act 35 of 2023:

Effective 12/13/2023. Omnibus amendments to the Public School Code of 1949 including the following:

Read the entirety of Act 35 here.

HIGHLIGHTS INCLUDE:

• Section 130 is added to include a new section entitled “Public Job Posting Database” which is a public database to be established and maintained by PDE for both public and nonpublic schools to voluntarily advertise job vacancies.

• Section 131 is added to include a requirement that school entities, which includes charter schools, to submit information about instructional vacancies to PDE by August 31, 2024. The information required to be submitted includes the total budgeted number of instructional employees and vacancies included in the final adopted budget; and the quarterly average number of instructional vacancies had by the school during the school year. This information is to be posted on PDE’s website.

Act 52 of 2023:

Effective 12/14/2023 (see note about retroactivity). Adds a new Section 1525.1 to the Public School Code of 1949 entitled “Calculation of Average Daily Membership for a Dual Credit Course.” This section provides that a high school student who is enrolled in a dual credit course may be included in the school entity’s average daily membership.
This section shall apply retroactively to July 1, 2023.

Act 55 of 2023:

Effective 02/12/2024. Amends Section 1403 of the Public School Code of 1949 to provide for dental screenings by a school dentist or public health dental hygiene practitioner (previously only permitted dental examinations by a dentist).

Act 56 of 2023:

Effective 12/14/2023. Adds a new Section 103 to the Public School Code of 1949 entitled “Minimum Number of Days or Hours.” Provides that beginning in the 2023-2024 school year, a school entity is required to provide a minimum of 180 days or instruction OR 900 hours of instruction at the elementary level or nine hundred ninety (990) hours of instruction at the secondary level. This section does not preempt or supersede a collective bargaining agreement that was entered into prior to the effective date of this section. This Act is effective immediately. (Previously the requirement was 180 days AND the hours requirement). Note, However, That This Section Appears To Not Be Applicable To Charter Schools.

Employer Student Loan Debt Benefits Following SECURE 2.0

In December 2022, Congress enacted groundbreaking legislation as part of the SECURE 2.0 Act (SECURE 2.0) codifying an opportunity for employers to provide matching contributions within a tax-qualified retirement plan based on their employees’ qualified student loan payments outside the plan. The SECURE 2.0 student loan payment match is the latest vehicle for employers to aid employees to help relieve the financial burden of student loan debt.

This On the Subject discusses the SECURE 2.0 student loan benefit and other employer options for providing tax-advantaged benefits to employees based on student loan payments. It also examines the open questions and current implementation challenges for sponsors of 401(k) and 403(b) plans hoping to implement the student loan benefit.

IN DEPTH


THE STUDENT LOAN DEBT PROBLEM AND EMPLOYER RESPONSE

Over the last two decades, the amount of outstanding student loan debt in the United States has grown exponentially. Studies suggest there are currently around 43 million Americans with student loan debt of more than $1.6 trillion. Paying off student loan debt has become a hot-button political issue, including with presidential candidates and members of Congress. Earlier this summer, the US Supreme Court’s decision in Biden v. Nebraska rejected the Biden administration’s plans for student loan debt relief. The Supreme Court held that the Higher Education Relief Opportunities for Students Act of 2003 did not authorize the secretary of education to cancel approximately $430 billion in federal student loan principal. This decision comes as the statutory pause on student loan repayments ended on September 1, 2023, a moratorium enacted in response to the COVID-19 pandemic and lasting over three years.

Managing student loan debt has become an increasingly significant issue for many workers. As a result, student loan debt presents a significant opportunity for employers. Student loan repayment programs can be a key factor in attracting and retaining talent. In a 2019 survey conducted by Gradifi, a student loan benefits provider, 70% of employees said they were likely to stay at their current jobs because a student loan paydown plan was available. Ninety-seven percent of employees reported being happier in their place of employment because of a student loan repayment program. Ninety-two percent of employees reported feeling an improvement in their stress because of their employer’s student loan repayment program. As a result, many employers are investigating new options to stay competitive and help their employees tackle student loan debt.

OPTIONS FOR EMPLOYERS TO PROVIDE TAX-ADVANTAGED STUDENT LOAN DEBT BENEFITS

Unfortunately, there are limited ways for employers to structure a program to provide student loan debt assistance that is not subject to immediate income tax. The current vehicles for providing student loan debt benefits on a tax-advantaged basis are:

Educational Assistance Programs

As part of the Coronavirus Aid, Relief, and Economic Security Act of 2020 (CARES Act), Congress amended Section 127 of the Internal Revenue Code (Code) to permit employers to pay up to $5,250 per year to employees for student loan repayments as part of an educational assistance program. Many employers utilize such plans to provide tuition reimbursement for college or advanced degrees. Under the CARES Act, employers may also utilize these plans to provide student loan debt assistance.

To do so, employers must comply with the requirements of Section 127 of the Code, including:

  • The employer must have a written plan document that lays out the terms of the program;
  • The program must benefit employees or certain former employees who qualify under rules set up so that the program does not favor highly compensated employees;
  • The program must not provide more than 5% of its benefits during any year for shareholders or owners (or their spouses or dependents) who own more than 5% of the stock or of the capital or profits interest of the business;
  • The program must not allow employees to choose to receive cash or other benefits that would be included in gross income instead of educational assistance; and
  • Eligible employees must be given reasonable notice of the program.

An educational assistance program provides a direct ability to pay off student loan debt through a basic but effective tax structure. Employers can make payments either to employees or directly to lenders. Many employers who offer student loan repayment benefits work with a third-party vendor because the employer does not want to be in the position of asking employees for sensitive financial information regarding student loan debt. Vendors often work with lenders either to pay off student loan debt directly or, if the employer provides direct payment to employees, to track or verify student loan debt payments so that the employer can be certain the payments are being used to pay off student loan debt.

The $5,250 limit is the combined limit for all educational assistance, including both expenses related to tuition reimbursement and student loan debt payments. Under current law, the ability for employers to pay up to $5,250 per year to employees for student loan debt payments as part of an educational assistance program expires on December 31, 2025. However, it is often the case that employee benefit options enacted through the Code which are originally scheduled to sunset are extended indefinitely or made permanent. There is no guarantee, but it would not be surprising if the student loan debt payment benefit is extended or made permanent, particularly in the current environment where student loan debt receives significant media attention.

Contributions to Tax-Qualified Retirement Plans

In 2018, the Internal Revenue Service (IRS) released a groundbreaking private letter ruling (PLR) that helped to clear the way for employers to begin providing student loan repayment benefits as part of their 401(k) plans. The PLR confirmed that, under certain circumstances, 401(k) plan sponsors may link the amount of employer contributions made on an employee’s behalf to the amount of student loan debt payments made by the employee outside the plan. However, the PLR only applied to the specific plan sponsor requesting the ruling and did not address the effect on many other plan qualification requirements, such as the Code Section 401(a)(4) nondiscrimination requirement.

SECURE 2.0 codified the ability for certain defined contribution plan sponsors to provide employer-matching contributions based on employee payment of student loan debt. Effective for plan years after December 31, 2023, 401(k) and 403(b) plan sponsors can provide employer-matching contributions based on an employee’s “qualified student loan payments” made outside of the plan. A qualified student loan payment includes any payment made by an employee in repayment of a qualified higher education loan. The loan must be for the cost of attendance at an eligible educational institution.

SECURE 2.0 provided a helpful statutory framework for plan sponsors to provide matching contributions on student loan payments. Some of the most significant features are:

  • “Qualified student loan payments” can include payments made by an employee for student loans made on behalf of the employee, the employee’s spouse or dependent;
  • Plan sponsors are permitted to rely on an employee’s self-certification of qualified student loan payments, which certification must be made on an annual basis;
  • Matching contributions on student loan payments must be treated the same as matching contributions made on elective deferrals concerning the match percentage, eligibility and the same vesting rules (though match frequency can differ);
  • Plan sponsors may make the student loan match more frequently than annually (e.g., on a payroll period basis), but employees must have at least three months after the close of the plan year to claim the match;
  • Qualified student loan payments are treated as available to all participants for purposes of the Code Section 401(a)(4) nondiscrimination testing requirements;
  • Student loan payments can be treated as elective deferrals for safe harbor plan rules; and
  • For purposes of the Actual Deferral Percentage (ADP) test, plan sponsors may separately test participants who receive matching contributions on account of qualified student loan payments.

OUTSTANDING QUESTIONS REGARDING SECURE 2.0 STUDENT LOAN EMPLOYER MATCHING CONTRIBUTIONS

While SECURE 2.0 provided the framework for the implementation of the student loan match, many open questions remain, and the US Department of the Treasury (Treasury) and IRS need to provide more guidance to fully implement this feature. Some specific areas where guidance would be helpful include:

  • More guidance on what constitutes a qualified student loan payment. It seems clear that payment made by an employee toward a loan taken by an employee, employee’s spouse or dependent qualifies, but when is this determined? What if the employee’s spouse or dependent was a spouse or dependent when the loan was taken, but not when the loan payments are made (or vice versa)?
  • What is required for a plan sponsor to establish reasonable procedures regarding annual self-certification? Separately, are there any limits on how much substantiation a plan sponsor can require if it wants to?
  • If the match is allocated after the end of the year, can it be limited to active employees? Would this apply to safe harbor plans (which generally are not permitted to require service as of the last day of the plan year for employees to receive contributions) as well?
  • How does the ability of employees to claim the match within three months after the end of the plan year affect the general requirement for non-safe harbor plans to correct ADP and Actual Contribution Percentage testing failures within two-and-a-half months after the end of a plan year to avoid an excise tax?
  • How do the vesting requirements work? The student loan match must vest “in the same manner” as a regular match. How does this work if the plan has a fully vested safe harbor match plus a discretionary match subject to a vesting schedule?

SECURE 2.0 directs the Treasury to issue regulations to address these and other questions and establish reasonable procedures and deadlines for employees to take advantage of the student loan match benefit.

PLAN SPONSOR CHALLENGES IMPLEMENTING SECURE 2.0 STUDENT LOAN DEBT BENEFITS

In addition to the open legal questions, numerous other challenges exist for plan sponsors seeking to implement the SECURE 2.0 student loan matching contribution. Most significantly, plan sponsors need to assess their ability to implement a student loan benefit within the context of their existing 401(k) or 403(b) plan platform. The plan’s recordkeeper and third-party administrator must have systems set up to administer the student loan debt benefit. Due in part to the ongoing questions and lack of guidance, many recordkeepers have delayed the development of the systems set up to administer student loan debt benefits on a large scale beginning in 2024. Some have set up pilot programs to test the option for a handful of plans. Many recordkeepers and administrators are just starting to “pilot” their process and systems for 2024 before making the offering available more widely, which may be in 2025 or 2026.

Employers pondering a SECURE 2.0 student loan benefit should consider the following:

  • Is the benefit right for your employee population? For some employers the answer is obvious: They either have a significant number of employees with college or advanced degrees for whom this issue is a high priority, or they do not. For others, it can be useful to assess the employee demographics to estimate the proportion of employees who may be interested in a student loan match. Some 401(k) recordkeepers are developing data and programs to help their clients make this determination. Some employers have utilized polls or surveys to try to determine employee interest.
  • What is the potential cost? Employers can model cost projections based on expected participation rates. Some recordkeepers are developing data and programs to help their clients make this determination.
  • Are there other, more effective ways to provide student loan debt benefits? For example, the CARES Act educational assistance program benefit discussed above is a relatively straightforward way to provide direct student loan debt benefits.

Although challenges remain, plan sponsors should keep in mind that plan design features are constantly evolving, and implementation issues always take time. Many retirement plan practitioners believe that it is only a matter of time before the student loan employer matching contribution becomes a commonplace feature within most employers’ 401(k) or 403(b) retirement plans.

Article by Jeffrey M. Holdvogt , Brian J. Tiemann , Teal N. Trujillo of McDermott Will & Emery

For more news on education, visit the NLR Public Education and Services page.

University of Texas at Austin Permanently Blocks TikTok on Network

On Tuesday, January 17, 2023, the University of Texas at Austin announced that it has blocked TikTok access across the university’s networks. According to the announcement to its users, “You are no longer able to access TikTok on any device if you are connected to the university via its wired or WIFI networks.” The measure was in response to Governor Greg Abbott’s December 7, 2022, directive to all state agencies to eliminate TikTok from state networks. Following the directive, the University removed TikTok from university-issued devices, including cell phones, laptops and work stations.

Copyright © 2023 Robinson & Cole LLP. All rights reserved.

For  more Cybersecurity Legal News, click here to visit the National Law Review.

Another Lesson for Higher Education Institutions about the Importance of Cybersecurity Investment

Key Takeaway

A Massachusetts class action claim underscores that institutions of higher education will continue to be targets for cybercriminals – and class action plaintiffs know it.

Background

On January 4, 2023, in Jackson v. Suffolk University, No. 23-cv-10019, Jackson (Plaintiff) filed a proposed class action lawsuit in the U.S. District Court for the District of Massachusetts against her alma matter, Suffolk University (Suffolk), arising from a data breach affecting thousands of current and former Suffolk students.

The complaint alleges that an unauthorized party gained access to Suffolk’s computer network on or about July 9, 2022.  After learning of the unauthorized access, Suffolk engaged cybersecurity experts to assist in an investigation. Suffolk completed the investigation on November 14, 2022.  The investigation concluded that an unauthorized third party gained access to and/or exfiltrated files containing personally identifiable information (PII) for students who enrolled after 2002.

The complaint further alleges that the PII exposed in the data breach included students’ full names, Social Security Numbers, Driver License numbers, state identification numbers, financial account information, and Protected Health Information.  While Suffolk did not release the total number of students affected by the data breach, the complaint alleges that approximately 36,000 Massachusetts residents were affected.  No information was provided about affected out-of-state residents.

Colleges and Universities are Prime Targets for Cybercriminals

Unfortunately, Suffolk’s data breach is not an outlier.  Colleges and universities present a wealth of opportunities for cyber criminals because they house massive amounts of sensitive data, including employee and student personal and financial information, medical records, and confidential and proprietary data.  Given how stolen data can be sold through open and anonymous forums on the Dark Web, colleges and universities will continue to remain prime targets for cybercriminals.

Recognizing this, the FBI issued a warning for higher education institutions in March 2021, informing them that cybercriminals have been targeting institutions of higher education with ransomware attacks.  In May 2022, the FBI issued a second alert, warning that cyber bad actors continue to conduct attacks against colleges and universities.

Suffolk Allegedly Breached Data Protection Duty

In the complaint, Plaintiff alleges that Suffolk did not follow industry and government guidelines to protect student PII.  In particular, Plaintiff alleges that Suffolk’s failure to protect student PII is prohibited by the Federal Trade Commission Act, 15 U.S.C.A. § 45 and that Suffolk failed to comply with the Financial Privacy Rule of the Gramm-Leach-Bliley Act (GLBA),  15 U.S.C.A. § 6801.  Further, the suit alleges that Suffolk violated the Massachusetts Right to Privacy Law, Mass. Gen. Laws Ann. ch. 214, § 1B, as well as its common law duties.

How Much Cybersecurity is Enough?

To mitigate cyber risk, colleges and university must not only follow applicable government guidelines but also  consider following industry best practices to protect student PII.

In particular, GLBA requires a covered organization to designate a qualified individual to oversee its information security program and conduct risk assessments that continually assess internal and external risks to the security, confidentiality and integrity of personal information.  After the risk assessment, the organization must address the identified risks and document the specific safeguards intended to address those risks.  See 16 CFR § 314.4.  

Suffolk, as well as other colleges and universities, may also want to look to Massachusetts law for guidance about how to further invest in its cybersecurity program.  Massachusetts was an early leader among U.S. states when, in 2007, it enacted the “Regulations to safeguard personal information of commonwealth residents” (Mass. Gen. Laws ch. 93H § 2) (Data Security Law).  The Data Security Law – still among the most prescriptive general data security state law – sets forth a list of minimum requirements that, while not specific to colleges and universities, serves as a good cybersecurity checklist for all organizations:

  1. Designation of one or more employees responsible for the WISP.
  2. Assessments of risks to the security, confidentiality and/or integrity of organizational Information and the effectiveness of the current safeguards for limiting those risks, including ongoing employee and independent contractor training, compliance with the WISP and tools for detecting and preventing security system failures.
  3. Employee security policies relating to protection of organizational Information outside of business premises.
  4. Disciplinary measures for violations of the WISP and related policies.
  5. Access control measures that prevent terminated employees from accessing organizational Information.
  6. Management of service providers that access organizational Information as part of providing services directly to the organization, including retaining service providers capable of protecting organizational Information consistent with the Data Security Regulations and other applicable laws and requiring service providers by contract to implement and maintain appropriate measures to protect organizational Information.
  7. Physical access restrictions for records containing organizational Information and storage of those records in locked facilities, storage areas or containers.
  8. Regular monitoring of the WISP to ensure that it is preventing unauthorized access to or use of organizational Information and upgrading the WISP as necessary to limit risks.
  9. Review the WISP at least annually or more often if business practices that relate to the protection of organizational Information materially change.
  10. Documentation of responsive actions taken in connection with any “breach of security” and mandatory post-incident review of those actions to evaluate the need for changes to business practices relating to protection of organizational Information.

An organization not implementing any of these controls should consider documenting the decision-making process as a defensive measure.  In implementing these requirements and recommendations, colleges and universities can best position themselves to thwart cybercriminals and plaintiffs alike.

© Copyright 2023 Squire Patton Boggs (US) LLP

Division I Universities Must Be Ready for Changes to the NCAA Infractions Process

The NCAA Division I Board of Directors has adopted key changes to the way in which NCAA infractions matters will be investigated and processed in the future. The changes, which take effect on January 1, 2023, are intended to modernize and enhance the process, while focusing resources on the most serious violations. Another objective is to reduce the time needed to process and resolve violation proceedings.

President of the University of Georgia and Chair of the Division I Board of Directors Jere Morehead said in August that NCAA members are “committed to resolving cases fairly and in a timely fashion, thus holding those responsible for violations accountable and avoiding penalizing those who were not involved in rule-breaking.”

Among the key changes are the following:

Enhanced duty to cooperate: Institutions, staff, and student-athletes, upon learning of potential violations, will be required to preserve information, to provide immediate access to all electronic devices, and to encourage family members, spouses, boosters, and others to cooperate in the investigation. The number of aggravating and mitigating factors in the Bylaws has been expanded to reward prompt and full cooperation and deter efforts to hinder or impede investigations.

New head coach responsibility standard: Head coaches will be held responsible for serious violations committed by those who report to them directly or indirectly. Only in determining the appropriate penalty will the Committee on Infractions (COI) consider whether the head coach promoted compliance and monitored the program. The previous infractions approach, which included a rebuttable presumption of responsibility on the part of a head coach, has been abandoned.

Additional method for resolution: A new alternative for resolving infractions cases has been added, with the aim of providing the COI greater flexibility and reserving full hearings for only the most serious cases. The new method, known as a “Written Record Hearing,” will be employed in cases in which the facts are largely undisputed and the alleged violations not numerous or significant.

Clarification of appeal standard and limitation of appeals: Findings and penalties by the COI will be affirmed by the Infractions Appeals Committee (IAC) if there is information in the record that supports the decision. Findings and penalties will not be set aside unless no reasonable person could have made the ruling given the factual record. Appeals to the IAC as to the penalties imposed will be limited to those sanctions that fall outside legislated penalty guidelines, or “core penalties.” The majority of appeals will be decided based on the written record without the need for oral argument. Finally, and as is also the case with the revised COI process, extensions of time will be granted only in extreme and clearly defined circumstances.

Aggravating and mitigating factors: The new guidelines clarify which factors apply to institutions and which apply to involved individuals. Previously, this was unclear and often debated. New aggravating factors have been added, including hindering an investigation or inhibiting the COI’s processing of a case. New mitigating factors also have been added, including a demonstration of exemplary cooperation by, for example, securing meaningful cooperation from an outside party.

Name, image and likeness (NIL): In this rapidly evolving area, the bylaws provide that if available information indicates that behaviors surrounding an NIL offer or agreement is contrary to NCAA legislation, it shall be presumed that a violation occurred.  The charged institution or involved individual will then be required to rebut this presumption with credible and sufficient information that a violation did not occur.

In addition to the above changes, the new infractions construct eliminates the Independent Accountability Resolution Process (IARP), which had been created at the recommendation of the Commission on College Basketball chaired by Condoleezza Rice. While acknowledging the panel’s thoroughness in deciding the several cases referred to the IARP, it was concluded that this new process prolonged case timelines and required substantial additional resources to bring cases to resolution.

Finally, the Board of Directors announced that it will consider additional future changes that may help to deliver timely and fair outcomes in infractions matters. Among the subjects under further consideration are (i) requiring increased documentation of recruiting efforts, (ii) adjusting the size and composition of the COI, (iii) modification of penalty ranges (including alternatives to post-season bans), and (iv) enhancing confidentiality rules for involved parties during investigation by the NCAA enforcement staff.

Jackson Lewis P.C. © 2022
For more Public Services Legal News, click here to visit the National Law Review.

Name, Image and Likeness: What Higher Education Institutions Need to Know for Legal Compliance

More than a year has passed since the NCAA v. Alston ruling and roll-out of the NCAA Name, Image and Likeness Interim Policy. What processes should institutions have in place, and what situations should they be on the lookout for at this point in the NIL game? While institutions cannot provide compensation to student-athletes or potential student-athletes in exchange for use of a student’s NIL, below are items counsel at higher institutions should have on their radar.

Review and Approval of NIL Agreements

The NCAA Interim Policy does not require student-athletes to disclose NIL agreements and/or opportunities to their institutions. In the State of Michigan, however, pursuant to House Bill 5217, beginning December 31, 2022, student-athletes must disclose proposed NIL opportunities or agreements to the institution at least seven days prior to committing to the opportunity or contract. For the institution, this means there needs to be a process in place by which student-athletes submit opportunities or agreements to the institution and the institution does a timely and thorough review of the submission. The institutional representative reviewing the submissions must be knowledgeable of the institution’s active contractual obligations and only sign off on the student-athlete’s potential NIL opportunity or contract once confident there is no conflict with an existing institutional contract. This is most likely to come up in agreements with exclusivity terms, such as sports apparel and campus-wide pouring rights agreements. If there is a conflict, the institution needs to articulate the specific conflict to the student-athlete so they can negotiate a revision, which is then subject to additional review and potential approval by the institution.

Institutions are the Regulating Bodies

Institutions in states that require submission of NIL opportunities by student-athletes need to pay close attention when reviewing submissions because the NCAA has placed most of the NIL regulatory burden on institutions. Specifically, institutions are obligated to report potential violations of NCAA policy. Among other potential violations, institutions must report possible abuses on the prohibition of pay-for-play and improper inducements of potential student-athletes and current student-athletes. Essentially, in addition to spotting potential conflicts between NIL agreements and current institution agreements, institutions need to review NIL agreements to determine if a student-athlete is being compensated for athletic achievement and/or for their enrollment or continued enrollment at a particular institution. Any indication that the student-athlete’s NIL agreement will be void if they no longer participate on an athletic team requires the institution to complete due diligence and determine the appropriateness of the arrangement in light of the NIL policy. Institutions are ultimately responsible for certifying the eligibility of student-athletes, and the presence of the previously mentioned terms place the agreement in direct violation of the language in the NIL Interim Policy and corresponding NCAA guidance.

Institutional Staff Members

It is in the best interest of institutions to train their staff members on appropriate interactions with boosters because the NCAA holds institutions responsible for the “impermissible recruiting activities engaged in by a representative of athletics interest (i.e., a booster).” Staff members need to understand the actions they are permitted to take and conversations they are permitted to have, as failure to do so could land them deep in the gray area of NIL.

  • An institutional staff member cannot directly or indirectly communicate with a potential student-athlete on behalf of a booster or NIL entity.
  • An institutional staff member cannot enter into agreements with an NIL entity to secure NIL deals between the entity and potential student-athletes.
  • An institutional staff member cannot “organize, facilitate or arrange” a meeting or any conversations between an NIL entity and a potential student-athlete, which includes transfer students coming from other institutions.

Financial Aid

Institutions should ensure they are not influencing how a student-athlete uses their compensation. Specifically, institutions should not direct student-athletes to use their NIL compensation for financial aid. Student-athletes’ financial aid is not impacted by compensation they would receive from NIL agreements. Financial aid limitations exclude compensation which also extends to NIL compensation. However, if a student receives NIL compensation, this may impact need-based financial aid.

FERPA

Many public institutions have made the argument that FERPA precludes them from disclosing NIL agreements without a release executed by the student-athlete. If a copy of an NIL agreement or summary of an NIL opportunity is provided to the institution by the student-athlete, this becomes a record of the university per the definition of FERPA and is likely part of the student-athlete’s educational record. There may be a particular circumstance in which a FERPA exception would apply to a request, but there is no broad FERPA exception that would apply in this situation. Institutions might find it strategic to include their stance on FERPA in an NIL policy to ensure all requests for NIL agreements are handled consistently.

International Students

International students can receive NIL compensation but with some caveats. In its documentation, the NCAA directs international student-athletes to their institution’s Designated School Official for “guidance related to maintaining their immigration status and tax implications.” As a result, institutions should make sure the individual(s) is/are well equipped to provide answers regarding NIL from international students.

Five Steps to Become a Well-Organized and Compliant Institution

  1. Have an NIL policy and procedures that are followed consistently and made available to student-athletes for reference and consultation;
  2. Have a process in place to review NIL agreements between the institution’s student-athletes and outside entities or individuals (if located in a state that requires student-athletes to make such disclosures);
  3. Have trained its staff (especially athletics staff) on what actions can and cannot be taken in relation to student-athletes’ NIL opportunities;
  4. Have trained its student-athletes on available resources; and
  5. Have a team of institutional staff members ready to pivot if additional laws are enacted by their state, if additional guidance is provided by the NCAA or if federal legislation is enacted.
© 2022 Varnum LLP

All Federal Research Agencies to Update Public Access Policies

On 25 August 2022, the Office of Science and Technology Policy (OSTP) released a guidance memorandum instructing federal agencies with research and development expenditures to update their public access policies. Notably, OSTP is retracting prior guidance that gave discretion to agencies to allow a 12-month embargo on the free and public release of peer-reviewed publications, so that federal funded research results will be timely and equitably available at no cost. The memo also directs affected agencies to develop policies that:

  1. Ensure public access to scientific data, even if not associated with peer-reviewed publications;
  2. Ensure scientific and research integrity in the agency’s public access by requiring publication of the metadata, including the unique digital persistent identifier; and
  3. Coordinate with OSTP to ensure equitable delivery of federally funded research results and data.

KEY COMPONENTS OF GUIDANCE:

Updating Public Access Policies

Federal agencies will need to develop new, or update existing, public access plans, and submit them to OSTP and the Office of Management and Budget (OMB). Deadlines for submission are within 180 days for federal agencies with more than US$100 million in annual research and development expenditures, and within 360 days for those with less than US$100 million in expenditures.

Agencies will need to ensure that any peer-reviewed scholarly publication is free and available by default in agency-designated repositories without any embargo or delay following publication. Similarly, OSTP expects the access polices to address publication of any other federally funded scientific data, even if not associated with peer-reviewed scholarly publications. As a concession, federal agencies are being asked to allow researchers to include the “reasonable publication costs and costs associated with submission, curation, management of data, and special handling instructions as allowable expenses in all research budgets.1

Ensuring Scientific Integrity

To strengthen trust in governmentally funded research, the new or updated policies must transparently communicate information designed to promote OSTP’s research integrity goals. Accordingly, agencies are instructed to collect and make appropriate metadata available in their public access repositories, including (i) all author and co-author names, affiliations, and source of funding, referencing their digital persistent identifiers, as appropriate; (ii) date of publication; and (iii) a unique digital persistent identifier for research output. Agencies should submit to OSTP and OMB (by 31 December 2024) a second update to their policies specifying the approaches taken to implement this transparency, and publish such policy updates by 31 December 2026, with an effective date no later than one year after publication of the updated plan.

IMPLICATIONS FOR THE NATIONAL INSTITUTES OF HEALTH (NIH), OTHER FEDERAL AGENCIES, AND THEIR GRANTEES

The NIH is expected to update its Public Access Policy, potentially along with its Data Management and Sharing Policy to conform with the new OSTP guidance. Universities, academic medical centers, research institutes, and federally funded investigators should monitor agency publications of draft and revised policies in order to update their processes to ensure continued compliance.

In doing so, affected stakeholders may want to consider and comment to relevant federal agencies on the following issues in their respective public access policy development:

  • Federal agency security practices to prevent foreign misappropriation of research data;
  • Implications for research misconduct investigations and research integrity;
  • Any intellectual property considerations without a 12-month embargo, especially to the extent this captures scientific data not yet published in a peer-review journal; and
  • Costs allowable research budgets to support these data management and submission expectations.

1 Office of Science and Technology Policy, Memorandum for the Heads of Executive Departments and Agencies: Ensuring Free, Immediate, and Equitable Access to Federally Funded Research at p. 5 (25 August 2022) available at https://www.whitehouse.gov/wp-content/uploads/2022/08/08-2022-OSTP-Public-Access-Memo.pdf

Copyright 2022 K & L Gates

School Law Update: CDC Adjusts Direction on Exposure Quarantine Requirements for Employees

CDC Adjusts Direction on Exposure Quarantine Requirements for Employees

On August 11, 2022, the CDC updated its COVID-19 guidance as the risk of severe illness, hospitalization, and death from COVID exposure has significantly declined. More specific guidance for school districts was issued by the CDC, which can be found here.

In addition, the Department of Public Instruction has published guidance entitled “COVID-19 Infection Control and Mitigation Measures for Wisconsin Schools 2022/2023,” which can be found here.

While we published a Legal Update on the recent CDC guidance changes last week, that Update primarily focused on the private sector. This Update is primarily focused on the impact the new CDC guidance will have on school districts and identifies some of the key changes.

The more significant mask guidance has been reduced. Guidance now indicates that if COVID-19 is at a high Community Level, universal indoor masking in schools is recommended. The CDC also recommends masking in health care settings such as the school nurse’s office. The updated CDC guidance makes significant changes to quarantine and isolation protocols. Asymptomatic (exposed) children and staff, regardless of where the exposure occurred or vaccination status, no longer need to quarantine. Students or staff who self-identify as close contacts may continue to attend school/work if they remain asymptomatic.

Students or staff who come to school with symptoms or develop symptoms while at school should be asked to wear a well-fitting mask or respirator while in the building and be sent home. If testing is unavailable at school, students and staff should also be encouraged to get tested. Symptomatic people who cannot wear a mask should be separated from others as much as possible; children should be supervised by a designated caregiver who is wearing a well-fitting mask or respirator until they leave school grounds but masking with a high quality mask is suggested for 10 days from exposure.

If the school provides COVID-19 testing, a symptomatic student or staff member may remain in school if they are tested immediately onsite, and that test is negative. Best practice would include wearing a mask, if possible, until symptoms are fully resolved. If the student is “too ill” to be in school (fever, severe cough, vomiting, diarrhea, etc.), they should be sent home regardless of COVID-19 test results. If the symptomatic student or staff cannot be tested immediately, they should be sent home and encouraged to use an at-home-test-kit or be referred to a testing site.

Students and staff who test positive for COVID-19 should isolate for at least 5 days. If they are asymptomatic, they may end isolation after Day 5 (return Day 6). If they had symptoms, they may return to school/work after Day 5 if:

  • they are fever-free for 24 hours (without the use of fever-reducing medication)

  • their symptoms are improving

If the individual still has a fever or other symptoms have not improved, they should continue to isolate until the symptoms improve. Once isolation has ended, people should wear a well-fitting mask or respirator around others through Day 10. Testing is not required to determine the end of isolation or mask use following COVID-19 infection.

©2022 von Briesen & Roper, s.c

U.S. Government Pursues More Aggressive Action to Curb Espionage at Universities

The U.S. Governmental Accountability Office (GAO) thinks the FBI and other agencies are not doing enough to address the espionage threat on U.S. university campuses. It issued a report, “Enforcement Agencies Should Better Leverage Information to Target Efforts Involving U.S. Universities” on June 14, 2022, urging the FBI, the Department of Homeland Security, and the Department of Commerce to step up their outreach efforts to address the threat. Commerce, DHS, and FBI have all concurred with GAO’s recommendations. As a result, U.S. colleges and universities to face yet another organizational risk: an increase in campuses visits by export control and law enforcement agents.

The threat: U.S. export control laws consider the disclosure to non-U.S. persons of technology, software, or technical data to be exports, even if the disclosure occurs in the United States.

The overwhelming majority of non-U.S. persons studying and working at U.S. universities are not security risks and are valued members of their academic organizations. But U.S. intelligence agencies have long warned that foreign state actors actively acquire sensitive national security data and proprietary technology from U.S. universities.

A lot of the technology flow abroad from U.S. universities is perfectly legal, for two reasons: First, most university research, even in cutting-edge technology, is exempt from export controls under an exemption known as “fundamental research.” Second, even in cases where the fundamental research exemption does not apply, it takes time for the U.S. government agencies to add new items to the export control lists they enforce; namely the U.S. Munitions List, administered by the U.S. Department of State, Directorate of Defense Trade Controls; and the Commerce Control List, administered by the U.S. Department of Commerce, Bureau of Industry and Security.

But at the same time, either through inadvertence or outright espionage, unlawful transfers of technology to foreign nationals take place. A 2006 report by the U.S. Office of the National Counterintelligence Executive found that a significant quantity of export controlled U.S. technology is released to foreign nationals in the United States unlawfully each year.

Clash of values: One important issue for higher education in addressing trade controls compliance is cultural in nature. U.S. universities value open, collaborative environments which drive and accelerate innovation. For those institutions, the idea of cutting off information flows conflicts with those cultural norms. By contrast, U.S. export controls aim to protect U.S. national security by hindering the flow of sensitive information to potential adversaries.

GAO’s recommendations: The GAO report recommends that U.S. trade control agencies take more aggressive steps to curb foreign access to sensitive technologies at U.S. universities. The recommendations include steps to enhance risk assessment and ranking of universities by risk, and steps to increase agency cooperation in planning and conducting outreach visits to universities. As a direct result of this report, U.S. universities are going to receive more visits from U.S. government agents.

Practical takeaways:

  • Universities: Consider reevaluating your risk. The threat has evolved, and the U.S. government response is also evolving. A risk evaluation using modern tools such as a premortem can help you know where to dedicate resources to update your export control policies, procedures, and training. Any unlawful escape of technology or technical data are much more likely to be detected and punished under the new regime, in part based on the GAO report. Organizations have to evolve with the threat.
  • Students, faculty, and administrators: Consider how to jealously guard your academic freedom, but be wary of the national security risks of sensitive technology falling into the wrong hands.
  • Research sponsors: More and more U.S. university research is sponsored by U.S. companies and government agencies. Research sponsorship agreements play a major role in striving for both national security and academic goals of the U.S. university system. Sponsors need to be sensitive to how these agreements are drafted. Sponsors must be aware of the espionage threat to their technology. But imposing too many restrictions in the contract may undermine the applicability of the fundamental research exemption and hinder the success of the project.

Conclusion: In the face of organizational threats, institutions do best when they heed their values. In the realm of protecting sensitive technology, we must constantly evolve with the threat. But we must also continue to carefully balance national security considerations with our bedrock values of academic freedom and openness.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.

Do You Have a College Student? Important Healthcare, Financial, and Educational Documents That They (and You) Need

August is upon us and you may soon be sending children off to college. If your child is age 18 or older, you and your child will need to take some simple steps so that, in the event of an emergency, you will be able to make health care and financial decisions for your child and have access to your child’s medical information and financial accounts. The same is true if you are to have access to your child’s educational records.

Medical Information. Once your child reaches age 18, your child is deemed to be an adult by law and you no longer have a legal right to make health care decisions on behalf of your child or to access your child’s health care information. As a result, if you have an adult child, your child must execute certain legal documents naming you as his or her health care agent and permitting you to access his or her medical information:

  1. Your child must execute a “Health Care Proxy” naming you as his or her agent for health care decisions. In this document, your child authorizes you to make health care decisions on your child’s behalf if he or she becomes unable to make or communicate such decisions him or herself. The child may also share his or her own wishes regarding medical treatment.
  2. Your child must also sign a “HIPAA Authorization Form.” The Health Insurance Portability & Accountability Act of 1996 (generally known as “HIPAA”) protects the privacy of an individual’s medical information, and health care providers may require written consent from a patient to share information with family members, including parents of an adult child. Your child’s college or university may also have policies in place preventing it from sharing medical information without the student’s consent. This form will serve as written permission authorizing those providing health care services to your child to share medical information with you as your child’s health care agent.
  3. In addition, you should be in contact with the health services department of your child’s college or university. The institution may provide its own form for authorizing the release of medical information that can be kept on record with the institution’s health services department.

Financial Accounts. If you are to have the ability to act on behalf of your adult child with respect to financial matters, your child also needs to execute a “Durable Power of Attorney” naming you as your child’s agent with respect to the child’s assets and finances. If your child is attending college away from home, is studying abroad, or undergoes a medical emergency, it may be useful for you to access your child’s accounts on his or her behalf. This allows you to pay bills for a child out of their accounts, make deposits and open or close accounts. In addition, a durable power of attorney allows you to handle other financial tasks for the child, like filing tax returns or renewing a lease.

Educational Records. Finally, the Family Educational Rights and Privacy Act (FERPA) protects the educational records of a child who has turned 18 or is enrolled at a postsecondary institution from access by his or her parents. If the child’s parents claim the child as a dependent on their tax returns, the parents may still access the child’s education records without the child’s consent. However, institutions may be reluctant to allow access to education records for any child over the age of 18 without a “FERPA Waiver” signed by the child, regardless of their status as a dependent. If you would like to have access to your child’s educational records, you should contact the institution to request a FERPA Waiver form.

2022 Goulston & Storrs PC.