In University Business, Sherry Culves and Sarah Hutchins wrote about federal regulators enhancing their requirements that colleges and universities have a comprehensive cybersecurity program in place – or else they may not be able to participate in Title IV programs and award federal financial aid.
"That is the result of the June 9 effective date for the Federal Trade Commission’s (FTC) updated rule on safeguarding consumer information, a component of the Gramm-Leach-Bliley Act (GLBA)," Sherry and Sarah wrote. "The U.S. Department of Education has made clear that the Safeguards Rule, as it’s commonly called, applies to all postsecondary institutions that participate in financial aid programs under Title IV of the Higher Education Act."
"'Institutions and servicers are required to develop, implement, and maintain a written, comprehensive information security program,' according to an announcement from the Office of Federal Student Aid," they continued. "'The FTC’s regulations require that the information security program contains administrative, technical, and physical safeguards that are appropriate to the size and complexity of the institution or servicer, the nature and scope of their activities, and the sensitivity of any student information.'"
"Those requirements are the latest—but by no means the only—example of how cybersecurity and data privacy have become mission-critical for college and university leaders," they wrote.
Subscribers can read the full article here: With new safeguards rule, cybersecurity programs become even more critical for higher ed
University Business covers all aspects of college and university management and reaches more than 41,000 subscribers in print and online.
You can subscribe to our latest articles and insights here.