Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 SAFEGUARDING REGULATIONS AND HOW THEY EFFECT US MICHIGAN ASSOCIATION FOR STUDENT FINANACIAL SERVICE ADMINISTRATORS BY: KAREN REDDICK NATIONAL CREDIT.

Published byYuliana Beere Modified over 9 years ago

Similar presentations

Presentation on theme: "1 SAFEGUARDING REGULATIONS AND HOW THEY EFFECT US MICHIGAN ASSOCIATION FOR STUDENT FINANACIAL SERVICE ADMINISTRATORS BY: KAREN REDDICK NATIONAL CREDIT."— Presentation transcript:

1 1 SAFEGUARDING REGULATIONS AND HOW THEY EFFECT US MICHIGAN ASSOCIATION FOR STUDENT FINANACIAL SERVICE ADMINISTRATORS BY: KAREN REDDICK NATIONAL CREDIT MANAGEMENT St. Louis, Missouri

2 Since 1960 2 SANDBOX RULES This session is open forum Audience participation is encouraged Questions and comments as we move through the presentation are welcome

3 Since 1960 3 LAWS AND REGULATIONS THAT AFFECT US FERPA: Family Educational Rights and Privacy Act GLBA: Gramm-Leach-Bliley Privacy Act State SSN Privacy Law

4 Since 1960 4 FERPA FERPA: Family Educational Rights and Privacy Act Statue: 20 U.S.C. 1232(g) Regulations: 34CFR Part 99 The intent of the Act is to protect the rights of students and to insure the privacy and accuracy of education records. Those protected by FERPA are students and former students who have been in attendance at the institution. Rights belong to the student

5 Since 1960 5 FERPA Primary Rights of Students Under FERPA – Right to inspect and review education records. – Right to seek to amend education records – Right to have some control over the disclosure of information from education records.

6 Since 1960 6 FERPA Definitions – Student Prior to first day of attendance FERPA does not apply – Educational Records Records containing information that is directly related to student Records maintained by educational institution or by a party acting for the institution – Personally Identifiable Information Name Name of parent or other family member A personal identifier (SS # or Student ID #) List of characteristics or other information that would make the student’s identity easily traceable.

7 Since 1960 7 FERPA CFR 99.7 Annual Notification – Examples of Notification Student Handbook School Newspaper or catalog Local Newspaper Inclusion in students registration packet – Institutions must annually notify students in attendance of their rights under FERPA: Right to inspect and review education records –Procedures to inspect and review education records –Statement that records may be disclosed to school officials without prior consent including criteria for determining who are schools officials –What constitutes a legitimate educational interests.

8 Since 1960 8 FERPA 34 CFR Part 99.31 Under what conditions is prior consent not required to disclose? – (a)An educational institution may disclose personally identifiable information from an educational record of a student without the consent required by 34 CFR Part 99.30 if the disclosure meets one or more conditions outlined in Part 99.31 (1) The disclosure is to other school officials within the institution whom the institution has determined to have legitimate educational interests. (2)The disclosure to officials of another school where the student seeks or intends to enroll (3) The disclosure to authorized representatives: –Comptroller General of the United States –The United States Attorney General –The Secretary –State and local educational authorities

9 Since 1960 9 FERPA (4) The disclosure is in connection w/FA for which the student has applied, the info is necessary for such purposes as to –A) Determine eligibility of Aid –B) Determine amount of FA –C) Determine conditions for the Aid –D) Enforce terms and conditions of the Aid (5) The disclosure is to State and local officials or authorities under certain conditions (6) The disclosure is to organizations conducting studies for or on behalf of educational agencies or institutions (7) The disclosure is to accrediting organizations to carry out their accrediting functions (8) The disclosure is to parents, as defined in 99.3 of a dependent student, as defined in section 152 of the Internal Revenue Code of 1986 (9) The disclosure is to comply with a judicial or subpoena

10 Since 1960 10 FERPA (10) The disclosure is in connection with a health or safety emergency under the conditions described in CFR 99.36 (11) The disclosure is information the educational agency or institution has designated as directory information under the conditions described in CFR 99.36. (12) The disclosure is to the parent of a student who is not an eligible student or to the student (13) The disclosure subject to requirements of CFR 99.39 is to a victim of an alleged perpetrator of a crime of violence (14) The disclosure subject to requirement of CFR 99.39 in connection with a disciplinary proceeding at an institution

11 Since 1960 11 FERPA 34 CFR Part 99 Final Regulations Dated April 21, 2004 Effective May 21, 2004 This Final Rule regulations provide general guidelines for accepting “signed and dated written consent”under FERPA in electronic format. Section 99.30 is amended by adding a new paragraph (d) to read as follows:

12 Since 1960 12 FERPA (d) “Signed and dated written consent” under this part may include a record and signature in electronic form that- – (1) Identifies and authenticates a particular person as the source of the electronic consent: and – (2) Indicates such person’s approval of the information contained in the electronic consent. Safe Harbor – Most support the use of FSA standards for electronic signatures in electronic student loan transactions (FSA Standards) as a “Safe Harbor” – Schools are not required by FERPA to follow the FSA Standards. The Feds believe that schools may use the setup and security measures described in the FSA Standards, particularly sections 3 through 7, as guidance for security measures in a system using electronic records and signatures under FERPA – Guidelines to Safe Harbor Rules can be found at www.ifap.ed.gov/dpcletters/gen0106.html.

13 Since 1960 13 FERPA VS. GLBA FERPA - the access of information GLBA – the physical handling of information

14 Since 1960 14 GLBA GLBA: Gramm-Leach Bliley Act signed into law November 1999. – Regulation: Privacy regulations issued by federal agencies. Compliance required as of 7/1/01 – FTC PART 314-Standards for Safeguarding Customer Information (Effective 5/23/-03) – Scope: Regulates the sharing of: “Nonpublic personal information” about individuals who obtain “financial products or services” From “financial institutions” primarily for personal, family or household purposes.

15 Since 1960 15 GLBA-Implementing the Safeguards Rule The Gramm Leach Bliley Act requires financial institutions to ensure the security and confidentiality of customer personal information. The Federal Trade Commission (FTC) implemented GLBA by issuing the Privacy Rule and the Safeguards Rule. Colleges and universities are considered “financial institutions”primarily due to student loan making activities.

16 Since 1960 16 GLBA-Implementing the Safeguards Rule Safeguards Rule requires all financial institutions to develop an information security program to protect customer information. The three areas where safeguards must be considered: – Administrative – Physical – Technical

17 Since 1960 17 GLBA- Implementing the Safeguards Rule We must ensure the security and confidentiality of student (customer) records and information. We must protect against any anticipated threats or hazards to the security or integrity of such records. We must protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any student

18 Since 1960 18 GLBA- How to Implement the Rule The Rule, which took effect on May 23, 2003, requires financial institutions over which the FTC has jurisdiction to develop, implement, and maintain a written information security program that contains comprehensive administrative, technical, and physical safeguards.

19 Since 1960 19 GLBA- Implementing the Safeguards Rule As part of its program, each financial institutional must: – Designate an employee or employees to coordinate its information security program. – Identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction, or other compromise or information, and assess the sufficiency of any safeguards in place to control the risks

20 Since 1960 20 GLBA- Implementing the Safeguards Rule – Design and implement safeguards to control reasonably foreseeable risks, and monitor the effectiveness of these safeguards. – Take reasonable steps to select and retain service providers that are capable of maintaining appropriate safeguards for customer information and require them, by contract, to implement and maintain such safeguards. Deadline for 3 rd party providers to implement security plan was May 24, 2004. – Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business arrangements or operations, or the results of testing and monitoring of safeguards.

21 Since 1960 21 GLBA- Securing Information Three areas that are particularly important to information security are the following: – Employee Training – Information Systems – Managing System Failures

22 Since 1960 22 SSN STATE PRIVACY LAWS – May not print SSN on any card required to access products or services – May not require transmission of SSN over an un- secure Internet Connection – May not require the SSN to access an Internet web site unless other unique identification or authentication is used – May not print SSN on any material mailed to the individual unless state or federal law requires the SSN to be on the document, applications and forms excluded (example: 1098T’s)

23 Since 1960 23 SSN STATE PRIVACY LAWS 7 States have adopted law Michigan is the newest state to implement law – Social Security Number Privacy Act 454 of 2004 – Effective March 1, 2005 – The Act required Universities to have privacy policy in place by January 1, 2006 – Enacted to prevent identity theft in the state of MI, it limits the use of Social Security Numbers as an identifier of students and employees, unless necessary – Best practice is convert to use of just the last 4 digits or to some other, non SSN system is recommended

24 Since 1960 24 SSN Privacy Law– Solution Create environment that will accommodate all state laws

25 Since 1960 25 CONTACT INFORMATION GLBA www.ftc.gov/privacy/glbact Laura D. Berger, Attorney Division of Financial Practices FTC (202) 326-3224 NACUBO http://www.nacubo.org/x2152.xml FERPA Family Policy Compliance Office LeRoy Rooker, Director of Family Policy (202) 260-3887 www.ed.gov/policy/gen/guid/fpco/ferpa Karen Reddick kreddick@ncmstl.com (800)627-2300, ext 229 Free Credit Report www.annualcreditreport.com Legislative Council, State of MI www.legislature.mi.gov

Download ppt "1 SAFEGUARDING REGULATIONS AND HOW THEY EFFECT US MICHIGAN ASSOCIATION FOR STUDENT FINANACIAL SERVICE ADMINISTRATORS BY: KAREN REDDICK NATIONAL CREDIT."

Similar presentations

National Forum on Education Statistics sponsored by the National Cooperative Education Statistics System and the National Center for Education Statistics.

National Forum on Education Statistics sponsored by the National Cooperative Education Statistics System and the National Center for Education Statistics.
FERPA - Sharing Student Information

FERPA - Sharing Student Information
University of Minnesota

University of Minnesota
FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.

FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.
FERPA for Students What Every MSU Student Should Know Prepared by the Office of the Registrar.

FERPA for Students What Every MSU Student Should Know Prepared by the Office of the Registrar.
FERPA Family Educational Rights and Privacy Act September 20, 2012Presented by: David Stocker General Counsel ACT, Inc.

FERPA Family Educational Rights and Privacy Act September 20, 2012Presented by: David Stocker General Counsel ACT, Inc.
FERPA What You Need to Know as a Wayne State Student Prepared by the Office of the Registrar.

FERPA What You Need to Know as a Wayne State Student Prepared by the Office of the Registrar.
The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.
IS3350 Security Issues in Legal Context

IS3350 Security Issues in Legal Context
1 Office of the General Counsel FERPA  Family Educational Rights and Privacy Act (20 U.S.C § 1232g)

1 Office of the General Counsel FERPA  Family Educational Rights and Privacy Act (20 U.S.C § 1232g)
FERPA: WHAT YOU SHOULD KNOW ILASFAA April 18, 2008 Amy Perrin Director of Financial Aid Elgin Community College.

FERPA: WHAT YOU SHOULD KNOW ILASFAA April 18, 2008 Amy Perrin Director of Financial Aid Elgin Community College.
Family Educational Rights and Privacy Act What you need to know...

Family Educational Rights and Privacy Act What you need to know...
FERPAFERPA Family Educational Rights and Privacy Act.

FERPAFERPA Family Educational Rights and Privacy Act.
Rosemary McCarthy, R.N., Ph.D. Associate Vice President for Academic Affairs and Dean of Graduate Studies Welcome to La Roche College.

Rosemary McCarthy, R.N., Ph.D. Associate Vice President for Academic Affairs and Dean of Graduate Studies Welcome to La Roche College.
FERPA presented by: Traci Gulick Associate Registrar Michigan State University.

FERPA presented by: Traci Gulick Associate Registrar Michigan State University.
2/16/2010 The Family Educational Records and Privacy Act.

2/16/2010 The Family Educational Records and Privacy Act.
FERPA 2008 New regulations enact updates from over a decade of interpretations.

FERPA 2008 New regulations enact updates from over a decade of interpretations.
FERPA Overview for CANR Business Managers Rob Kent, MSU Assistant General Counsel October 7, 2014.

FERPA Overview for CANR Business Managers Rob Kent, MSU Assistant General Counsel October 7, 2014.
FERPA: An introduction to the Family Educational Rights and Privacy Act.

FERPA: An introduction to the Family Educational Rights and Privacy Act.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

Similar presentations

Ads by Google