InfoSec Ally: University Registrar, Keri Disch

Many hands touching a speech bubble.

University Registrar Keri Disch is serious about securing student data in the digital era. Disch moved to St. Louis in July 2020 to join the WashU community after twenty years at Northwestern University, where she first became interested in central registrar work. The University Registrar serves as a central hub for many university functions. Her office is the “business” owner of our student system of record, which contains the data of roughly 17,000 students, data created by instructors who grade student work, academic advisors working with students on registration, and data generated through billing tuition. Her office responsibly manages this vast amount of data while navigating a complex technological landscape and analyzing how we could better configure enterprise tools to improve the user experience.

She sees the registrar’s office as the “nexus between academic and IT spheres” and asks, “how do we help our systems keep pace with our faculty and students, keep an eye on compliance with regard to regulations and best practices, mind our finite IT resources, and support the needs of our campus partners?”

A big part of meeting these diverse demands is her work in the Student Sunrise Project , which aims to consolidate student systems to improve the user experience while enhancing security and producing more consistent and useful institutional data. Disch notes that in a campus community as diverse and active as WashU’s, “it can be hard to get everyone to swim in the same direction and agree to common configurations and approaches. . . this has led to myriad integrations and variable data storage practices.” This approach puts university data at risk. Disch envisions a WashU where modern technology fosters the creativity of our faculty, makes our data more consistent and therefore more useable, and protects the security of our information and systems.

The Family Educational Rights and Privacy Act (FERPA) regulates most of the data under Disch’s oversight. She is responsible for crafting university policies related to FERPA, educating the WashU community about the regulation, and encouraging the best practices for maintaining compliance. One of the biggest FERPA pitfalls Disch sees is the amount of student data desired by our vendors. She is currently coordinating with partners across campus to develop new processes and structures to ensure that vended tools undergo a thorough review and approval process before adoption.

Faculty, staff, and students also need to do their part to protect student data. Disch says, “. . .our students come here for an education and a campus experience. They give us information about themselves so we can provide education and services. We need to be intentional with that information, respect their privacy, and honor the trust that they’ve put in WashU.” She urges faculty and staff to keep student trust in mind as we work with student data, much of which may be sensitive. For students, she encourages caution in sharing information in the digital sphere. She asks students to “be careful of disclosure. To whom are you disclosing this information? What are you disclosing? What are you agreeing to?”

The Office of Information Security is thankful that Disch is an ally in our effort to protect the WashU community, our data, and our systems. We look forward to our ongoing partnership. For more information about safeguarding FERPA data and other types of protected information, please visit the Office of Information Security website at