As required by the Gramm-Leach-Bliley Act (GLBA)¹ and the regulations promulgated pursuant to GLBA by the Federal Trade Commission (FTC), financial institutions are required to take steps to ensure the privacy, security and confidentiality of customer records. Because higher education institutions engage in financial activities, such as granting student loans, FTC regulations consider them financial institutions for GLB Act purposes.
The Safeguards Rule of the GLB Act requires financial institutions to have an information security plan to protect confidentiality and integrity of personal information. In 2003, the University of èapp developed a comprehensive information security program to protect the security and confidentiality of “customer information.” In 2008, the Vice President for Information Technology authorized the development of a comprehensive Information Security Program, applicable for all university entities. The Gramm-Leach Bliley Program is a component of the Information Security Program.
- Gramm-Leach-Bliley Act
- èappPolicy 11010 - Protection of Personally Identifiable Information
- èappPolicy - Risk Management Program
- Gramm-Leach-Bliley Program Training Module
- GLB Committee Member Contact Information
- Finance and Administration
¹ The Gramm-Leach-Bliley Act (GLBA) and the regulations promulgated pursuant to GLBA by the Federal Trade Commission
Reviewed 2023-08-18