Finding Text
Student Financial Assistance Cluster
84.379 Teacher Education Assistance for College and Higher Education Grants, 84.007 Federal Supplemental Educational Opportunity Grants, 84.033 Federal Work-Study Program, 84.063 Federal Pell Grants, 84.268 Federal Direct Student Loans, 84.038 Federal Perkins Loan Program
U.S. Department of Education Program Year 2022 - 2023
Criteria or Specific Requirement - Special Tests: Gramm-Leach-Bliley Act - Student Information Security 16 CFR 314.4(c)(1) - (8), 16 CFR 314.4(d), 16 CFR 314.4(e)(1), 16 CFR 314.4(f), 16 CFR 314.4(g)
Condition - University does not have a written information security program that addresses all required elements of the Gramm-Leach-Bliley Act.
Questioned costs - None
Context - On December 9, 2021, the Federal Trade Commission issued final regulations for 16 CFR Part 314 to implement the Gramm-Leach-Bliley Act information safeguarding standards that institutions must implement. The regulations established minimum standards that institutions must meet. Institutions were required to be in compliance with the revised requirements no later than June 9, 2023. The University's written information security program contained 2 out of the 14 elements required by the revised Gramm-Leach-Bliley Act regulations.
Effect - The University's written information security procedures do not address all required written statement elements of the Gramm-Leach-Bliley Act.
Cause - The University did not update its written information secutiry program by June 9, 2023 for the revised requirements of 16 CFR Part 314.
Indication as a repeat finding - N/A
Recommendation - The University should revise its written information security program to be compliant with the current requirements of 16 CFR Part 314.