Synergy & Associates
USDE Enforcing Cybersecurity Requirements - Safeguarding Student/Parent Information
Institutions participating in the Title IV, HEA programs (including third-party servicers) with fiscal year (FY) ending on or after December 31, 2019, may want to (with emphasis) read the U.S. Department of Education's (Department) recent announcement posted this past Friday, February 28, 2020 to ensure you're complying with the Gramm-Leach-Bliley Act (GLBA) requirements.
This will help you avoid audit findings and any potential fines or administrative action(s) due to noncompliance. However, at this time of year, annual compliance audits for FY-ending December 31, 2019 are already under way for many institutions...Regardless, we encourage that you review prior letters provided below, as referenced in the recent announcement for a comprehensive understanding of all requirements described:
October 30, 2019 - Department's Dear CPA letter
July 29, 2015 - Dear Colleague Letter GEN-15-18
July 1, 2016 - Dear Colleague Letter GEN-16-12
Disclaimer: This Blog/Web Site is made available by Synergy & Associates, LLC for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney-client relationship between you and the Blog/Web Site publisher. The Blog/Web Site should not be used as a substitute for professional consultation and/or competent legal advice from a licensed professional attorney in your state.