Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 FTC SAFEGUARDS RULE Gramm-Leach-Bliley Act Effective 5/23/2003.

Published byRiley Hamons Modified over 10 years ago

Similar presentations

Presentation on theme: "1 FTC SAFEGUARDS RULE Gramm-Leach-Bliley Act Effective 5/23/2003."— Presentation transcript:

1 1 FTC SAFEGUARDS RULE Gramm-Leach-Bliley Act Effective 5/23/2003

2 2 Introduction The purpose of the FTC Safeguards Rule is to: Ensure the security and confidentiality of customer information. Customer information is defined as any record containing nonpublic personal information such as a social security number, whether in paper, electronic, or other form, that is handled or maintained by or on behalf of VCU or its affiliates. Protect against any anticipated threats or hazards to the security or integrity of such records. Protect against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer. This Rule is governed by the Federal Trade Commission and is required by the Gramm-Leach-Bliley Act that was signed into law by President Clinton on November 12, 1999. Go to http://www.ftc.gov/privacy/glbact/ for more information on the Gramm-Leach-Bliley Act. http://www.ftc.gov/privacy/glbact/

3 3 Standards for Safeguarding Customer Information The goal of Virginia Commonwealth University is to eliminate unacceptable risks in order to safeguard customer information and protect the confidentiality and privacy rights of its customers.

4 4 Protected Customer Information The privacy rule limits the use and disclosure of customer information. View the Family Educational Rights and Privacy Act (FERPA) at this website: http://www.students.vcu.edu/rg/policies/rg7privy.html Use refers to what is done with the protected information, such as nonpublic information, within VCU. Disclosure refers to what is given out to an external entity for use outside of VCU. Covered Entities: Non directory information such as social security number, grades, schedules, GPAs, bank account numbers, ID numbers, and academic standing.

5 5 Practical Tips for Safeguarding Customer Information Do not leave confidential data unattended or visible by others. Shred and never recycle documents containing confidential customer information such as a social security number. Secure all daily work in locked file cabinets or drawers Protect secured areas – lock all doors, and never loan your key. Talk quietly when discussing confidential or private information with a customer. Avoid the use of names or other identifying information whenever possible. Sensitive information should not be sent to remote printers or photocopiers where access is uncontrolled. Nor should it be faxed where the physical security of the receiver is unknown. Include a confidential statement on your fax transmittal sheet that information sent to the incorrect destination be destroyed, and requesting notification to the sender of such errors. Do not dispose of documents containing nonpublic information in wastebaskets, or recycling bins; instead, shred or otherwise destroy before discarding. Sensitive information should never be left on voicemail, or answering machines. Avoid using nonpublic information via e-mail. Use password-activated screensavers.

6 6 What This Means VCU should safeguard customers information by adhering to the following policies and guidelines: Federal Educational Rights and Privacy Act (FERPA) - http://www.students.vcu.edu/rg/policies/rg7privy.html http://www.students.vcu.edu/rg/policies/rg7privy.html State and University policies on Records Retention and Disposition - http://beech.vcu.edu/das/info.nsf/pages/record.htm http://beech.vcu.edu/das/info.nsf/pages/record.htm University Information Technology Policies and Guidelines - http://www.at.vcu.edu/ovp/policies.htmlhttp://www.at.vcu.edu/ovp/policies.html VCU Financial Policies - http://www.vcu.edu/finance/finpolicies/policy.htm http://www.vcu.edu/finance/finpolicies/policy.htm State of Virginia Information Technology Policies and Guidelines - http://www.dhrm.state.va.us/hrpolicy/policy/pol1_75.pdf http://www.dhrm.state.va.us/hrpolicy/policy/pol1_75.pdf Payroll Services Guidelines and Polices - http://www.hr.vcu.edu//payroll/index.htm http://www.hr.vcu.edu//payroll/index.htm

7 7 Comments/Questions Please forward any comments or questions to the Safeguard Coordinator, Anjour B. Harris, at abharris@vcu.edu, or P.O. Box 842520. abharris@vcu.edu

Download ppt "1 FTC SAFEGUARDS RULE Gramm-Leach-Bliley Act Effective 5/23/2003."

Similar presentations

TIPS FOR MANAGING YOUR INFORMATION:

TIPS FOR MANAGING YOUR INFORMATION:
Family Educational Rights and Privacy Act What you should know about FERPA.

Family Educational Rights and Privacy Act What you should know about FERPA.
University of Minnesota

University of Minnesota
Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
FERPA: Family Educational Rights and Privacy Act

FERPA: Family Educational Rights and Privacy Act
HIPAA Health Insurance Portability and Accountability Act of 1996

HIPAA Health Insurance Portability and Accountability Act of 1996
FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.

FERPA: UPDATE ON THE FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Presented by Brenda V. S. Selman University Registrar-MU University of Missouri-Columbia.
Welcome to the SPH Information Security Learning Module.

Welcome to the SPH Information Security Learning Module.
Compliance with Federal Trade Commission’s “Red Flag Rule”

Compliance with Federal Trade Commission’s “Red Flag Rule”
Red Flags Rule BAS Forum August 18, 2010. What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Detecting, Preventing and Mitigating Identity Theft Presented by the Bursar’s Office.

Detecting, Preventing and Mitigating Identity Theft Presented by the Bursar’s Office.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Is It Legal? Is It Fair? What Is and Is Not Enforceable in the College Classroom.

Is It Legal? Is It Fair? What Is and Is Not Enforceable in the College Classroom.
Identity Theft Prevention Program Red Flags Rules Fighting Fraud at Montana Tech.

Identity Theft Prevention Program Red Flags Rules Fighting Fraud at Montana Tech.
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.

Health Insurance Portability and Accountability Act HIPAA Education for Volunteers and Students.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

Similar presentations

Ads by Google