CORE Blog

Ensuring Secure Document Management for Higher Education Institutions

Written by CORE Higher Education Group | Apr 11, 2024 7:29:33 PM

For many higher education staff and faculty, the task of handling documents that are vital for maintaining affiliation agreements, accreditation requirements, and the like continue to be managed through a labyrinth of disjointed systems and regularly communicated via email.

It’s no wonder higher education continues to be a ripe candidate for cyberattacks. Given the spate of recent cyber attacks to colleges big and small, secure document management is becoming an evermore important priority for CIOs in higher education institutions across the US.

In this blog post, we discuss three primary challenges in maintaining document controls for institutions:

  • Risk of noncompliance
  • Workflow inefficiencies 
  • Decentralization

The stakes of these challenges range from the inconvenient to the legally perilous. But they are all lags on departmental efficiency and overall staff morale. Nobody likes repetitive mundane tasks and wants more purpose in their work. Conversely, they also don’t want to be an unknowing contributor to jeopardizing the university’s accreditation or legal exposure due to an honest gaffe.

Risk of Noncompliance

Noncompliance risks are the most stark of consequences for institutions who can’t get a wrangle on their document management processes. These outcomes range from legal exposure to loss of accreditation to privacy and security breaches. 

The noncompliance risks are more present as colleges and universities continue to partner with outside vendors to administer part of the educational experience with students.

Title IV of the Higher Education act has several stipulations in place for how colleges are allowed to partner with other vendors to administer portions of the education experience. So having a proper document management system in place to make sure departments are not running afoul of these regulations is vital if your university is wanting to continue being eligible for any federal grants or wanting to maintain accreditations.

Legal exposure is another ever-present risk, either via the federal government realizing noncompliance with Title IV or colleges being sued by students whose information may have been compromised through a data breach of some kind.

Not surprisingly, many colleges still use email as the primary means to pass documents and information through to various departments and stakeholders. This is a ripe area for cyberattacks to happen.

The average data breach costs a university $3.8 million per incident. For smaller schools this is a devastating consequence to their operating budget. And even after the incident itself, schools are still exposed to further action from students whose information might have been compromised as a result. 

Simply put, noncompliance risk runs a slew of potentially expensive outcomes for universities that could be safeguarded by simply looking to solutions that have strong SOC2 compliance and data management processes baked within their solutions.

Workflow Inefficiencies

Inefficiencies in workflows can significantly hinder departmental effectiveness, especially when it comes to document management. Without clear visibility on upcoming renewals, managing crucial dates and milestones with pen and paper or spreadsheets can easily lead to missed deadlines and delays in accreditation or partnership agreements.

Furthermore, a lack of transparency can result in key stakeholders being left out of important email communications, causing confusion and hindering collaboration. File version management becomes a major headache, with individuals being removed from email threads without being re-added, leading to missed updates, approvals, signatures, and document submissions.

It's a common occurrence for universities to rely on email for document management, ultimately overlooking essential individuals who need to stay informed about status updates, review processes, approvals, and the final submission of documents.

It’s no wonder why 77% of higher education faculty feel that transformation of their workflows was very important. And yet only 37% have actually converted their paper forms to digital.

Decentralization

Not surprisingly, with a fragmented document management process comes decentralizing of processes. 

From our own feedback of CORE users, many use up to 7 unique systems for document management. This can range from simple file storage drawers (like, real paper and vanilla folders) to digital folders on hard drives to Google Drive to various free or low cost software vendors.

Not surprisingly, this leads to a lot of version control issues for faculty trying to make sure they are checking, approving, signing, and sending the most recent version of files they have. 

This lack of a central repository to easily locate and see the progress of renewal documents or files needing to be addressed leads to delays in compliance related exercises or simply getting agreements ratified with new externship sites, finalizing new education partners, or keeping affiliation documentation up to date.

Streamlining Affiliation Agreement Management

Keeping affiliate agreements in place is critical to keeping your Title IV in compliance. With that, you ideally want to have a document management system that achieves four primary things in order to not let critical document version in place:

  • Single Source Document Storage Management
  • Workflow and document templates
  • Progress notifications and reminders
  • Integrations

CORE’s new Contract Manager add-on module accomplishes just this for higher education institutions wanting to better manage their contracts. 

 

Here are some of the main features and benefits of Contract Manager:

Single Source Document Storage Management

The Contract Manager serves as a centralized hub for all institutional contracts. It allows all stakeholders, both internal and external, to access contract documents effortlessly without the need for any special email domains. Users can be added to the tool with customized permissions, ensuring they can only see and access what is necessary for their role within the system.

Admins can also assign different user access levels across levels with special permissions based on their roles and responsibilities. This ensures the right people access the right files at the right time.

What’s better is if you are a current ELMS user, this tool integrates right into your existing ELMS workflows so you’re not using multiple tools to execute similar tasks. 

This keeps work streamlined into a single tool without the need to disparate processes and solutions. And since CORE is SOC2 compliant, you can be sure that all the security protocols are in place to ensure your files are as safe and secure as possible with far less legal exposure because you have a more formalized process with your affiliate sites.

Workflow and Document Templates

Contract manager provides a link to a secured landing page where users within the workflow can add comments/redlines/while documents are version controlled for easy visibility and clarity.

Contract Manager has several pre-configured review and approval steps baked in, such as the DocuSign Default workflow. However it has a fully customizable review and approval process to meet your institution’s unique needs. 

Users have an incredible amount of flexibility to decide which users are required to sign off at each step. And, Contract Manager supports multiple workflow templates to customize the review and approval process by program.

So if a Nursing program has it’s own unique approval steps for affiliate management and the Occupational Therapy program has a different protocol, no problem. Contract Manager is made to support as many unique interdepartmental processes as possible without the other department encountering them.

Progress Notifications and Reminders

Running communications through email is rife with room for error. People are removed from email chains. Emails get buried after a day, and simple things needing checked are often missed easily.

Contract Manager allows for users to generate and manage reports of contracts or upcoming deadlines. This gives you a clear view of your affiliate landscape and you can make informed decisions on deadlines to prioritize. 

You can also receive automated notifications and reminders for nearly anything: upcoming contract expirations, renewal deadlines, updated or signed documents, and any other activity that you may need to take action on.

All of this exists in an easy to view dashboard that you can search and filter to easily locate and work on the contract in question.

Integrations

Work tools mean nothing if you can’t manage to get approved signatures in them, as well. Contract Manager addresses this with our DocuSign integration so there’s no longer the need to print, sign, scan, and send back between parties.

The break point of where institutions lose all semblance of version control is all taken care of with a legally binding DocuSign integration that keeps stakeholders checking, approving, and signing agreements within the Contract Manager module.

Getting started with CORE’s Contract Manager is easy. You can simply reach out to your Client Success Manager if you are a current ELMS user or ask for a Demo if you are not.