The Gramm-Leach-Bliley Act (named after its Senate sponsors) regulates the disclosure of non-public personal information by financial institutions. Institutions of higher education are covered by the law's definition of "financial institutions" as they participate in financial activities, such as making federal Perkins loans.
Wittenberg University meets the definition of a "financial institution" under GLBA, and must establish and implement a safeguard program to protect nonpublic customer information (e.g., names, addresses, Social Security numbers, financial aid, etc.). FERPA and GLBA both regulate the protection of customer information, but GLBA extends the protection beyond just students, and requires safeguarding all customers' confidential information.
Who is a customer? A customer is defined as a consumer who has a financial relationship with you. Therefore, anyone, such as a student, a parent, or an employee, can be considered a customer, and all confidential records must be safeguarded.
As an employee of Wittenberg University, you must take the proper steps to maintain the security, confidentiality and integrity of customer information, such as:
- locking rooms and file cabinets where paper records are kept;
- using password-activated screensavers;
- changing passwords periodically, and not posting passwords near employees' computers; NEVER SHARE PASSWORDS WITH OTHERS (INCLUDING CO-WORKERS!)
- limiting access to customer information to employees who have a business reason;
- referring calls or other requests for customer information to designated individuals (such as the Registrar's office for students and Human Resources for employees); NEVER CONFIRM CONFIDENTIAL INFORMATION OVER THE PHONE OR BY EMAIL!
- when disposing of out-of-date records (as defined in the Records Retention schedule), shredding paperwork and erasing or destroying all data on diskettes, CDs, or other electronic media.