Policy: Information Security Program

Listing generated on 02/21/2024 at 16:30:10.

Name: Information Security Program
Number: 10001036
Code: ADM.FT.100.001
Status: Approved and Activated
Administrative Division: VC for Administration & Finance
Responsible Office: VC for Administration & Finance
Effective Date: 06/12/2023
Summary/Purpose: This document summarizes the University of Mississippi’s comprehensive written
information security program (the “Information Security Program”) mandated by
the Federal Trade Commission’s Safeguards Rule (“Safeguards Rule”) and the
Gramm – Leach – Bliley Act (“GLBA”). The GLBA also includes specific
requirements regarding the privacy of customer financial information.
The FTC has ruled that being in compliance with the Family Educational
Rights and Privacy Act (FERPA) satisfies the privacy requirement of
the GLBA, but does not satisfy the safeguarding provisions. The Appendix
to this document includes the University’s Access to Students’ Records
policy for FERPA compliance. This plan focuses on the safeguarding of
customer information.
In particular, this document describes the Information Security Program
elements pursuant to which the Institution intends to (i) ensure the security
and confidentiality of covered records, (ii) protect against any anticipated
threats or hazards to the security of such records, and (iii) protect
against the unauthorized access or use of such records or information in
ways that could result in substantial harm or inconvenience to customers.
The Information Security Program incorporates by reference the Institution’s
policies and procedures enumerated below and is in addition to any
institutional policies and procedures that may be required pursuant to
other federal and state laws and regulations, including, without limitation,
The GLBA’s Safeguards and Privacy rules are designed to protect the non-public
personal information (NPI) of consumers. This Information Security Program
applies to customer financial information (“covered data”) the University
receives in the course of offering a financial product or service, as
required by the Safeguards Rule.
This Information Security Program document is designed to provide an
outline of the safeguards that apply to this information. The practices set
forth in this document will be carried out by and impact diverse areas of the
Policy Narrative: PDF File
People Affected:  FACULTY    STAFF    STUDENTS  
Related UM Policies:
Related Resources:

Policy Feedback

Policy History