|
||||||
 |
|
||||||
|
|
To: The University Community From: Victoria D. Johnson, General Counsel John D. Lawson, Chief Information Officer Re: Compliance with the Gramm-Leach-Bliley Act The Gramm-Leach-Bliley Act (GLB) requires that financial institutions establish a policy protecting the privacy of financial information of certain individuals by May 23, 2003. The GLB's intent is to reform the financial services industry and addresses concerns relating to consumer financial privacy including the safeguarding of consumer information. Because higher education institutions participate in financial activities such as making Federal Perkins Loans, the Federal Trade Commission (FTC) regulations consider them financial institutions for purposes of compliance with the act. Tulane has experience with similar rulings such as the Family Educational Rights and Privacy Act (FERPA), which addresses the privacy of student information and the Health Insurance Portability and Accountability Act (HIPAA), which addresses privacy protections for individually identifiable health information. The GLB not only addresses the privacy of financial information, but also addresses the necessity for administrative, technical and physical safeguarding of private, non-public information. Technology Services and the General Counsel's office will coordinate this initiative and ensure that the deadline is met. John Lawson has been designated as the interim Information Security Officer for the GLB Act and Michele Hebert-Solares will serve as the GLB Data Administrator. All areas of the University that conduct financial transactions and/or store or use non-public information for students, employees or customers will all need to participate in this process. Three items will occur:
Please write GLB@tulane.edu for questions or contact Denise B Alix at 865-5783. |
