Reminder On Information Privacy Compliance

August 21 2009

As another academic year begins, the Internal Audit Department encourages managers, supervisors and other unit leaders to review information privacy standards with all department members. The two primary compliance standards that affect the majority of campus are:

Family Educational Rights and Privacy Act (FERPA ), which defines standards for access to student records and related academic information

Graham-Leach-Bliley Act (GLBA), which defines standards for privacy and protection of personal financial information

The University has established policy statements that provide operational practices and procedures related to these federal statutes. Policy Statement No. 69 “Student Records” is the primary reference for compliance with FERPA; The GLBA Information Security Program Regulation supplement to Policy Statement No. 102 describes how to comply with GLBA standards.
Supervisors can respond to questions on how to comply with any of these or other University policies. Supervisors who have questions should contact either the Internal Audit Department or the Office of Legal Affairs.