Policy: Information Security Program
Listing generated on 09/16/2024 at 12:06:53.
Name: | Information Security Program |
---|---|
Number: | 10001036 |
Code: | ADM.FT.100.001 |
Status: | Approved and Activated |
Administrative Division: | VC for Administration & Finance |
Responsible Office: | VC for Administration & Finance |
Effective Date: | 03/12/2024 |
Summary/Purpose: | This document summarizes the University of Mississippi’s comprehensive written information security program (the “Information Security Program”) mandated by the Federal Trade Commission’s Safeguards Rule (“Safeguards Rule”) and the Gramm – Leach – Bliley Act (“GLBA”). The GLBA also includes specific requirements regarding the privacy of customer financial information. The FTC has ruled that being in compliance with the Family Educational Rights and Privacy Act (FERPA) satisfies the privacy requirement of the GLBA, but does not satisfy the safeguarding provisions. The Appendix to this document includes the University’s Access to Students’ Records policy for FERPA compliance. This plan focuses on the safeguarding of customer information. In particular, this document describes the Information Security Program elements pursuant to which the Institution intends to (i) ensure the security and confidentiality of covered records, (ii) protect against any anticipated threats or hazards to the security of such records, and (iii) protect against the unauthorized access or use of such records or information in ways that could result in substantial harm or inconvenience to customers. The Information Security Program incorporates by reference the Institution’s policies and procedures enumerated below and is in addition to any institutional policies and procedures that may be required pursuant to other federal and state laws and regulations, including, without limitation, FERPA. The GLBA’s Safeguards and Privacy rules are designed to protect the non-public personal information (NPI) of consumers. This Information Security Program applies to customer financial information (“covered data”) the University receives in the course of offering a financial product or service, as required by the Safeguards Rule. This Information Security Program document is designed to provide an outline of the safeguards that apply to this information. The practices set forth in this document will be carried out by and impact diverse areas of the University. |
Policy Narrative: | PDF File |
People Affected: | FACULTY STAFF STUDENTS |
Keywords: | |
Related UM Policies: | |
Related Resources: | |
Policy Feedback |
Policy History |