{"id":305,"date":"2021-07-21T11:41:43","date_gmt":"2021-07-21T16:41:43","guid":{"rendered":"https:\/\/wp.stolaf.edu\/business-office\/?page_id=305"},"modified":"2023-06-07T08:11:33","modified_gmt":"2023-06-07T13:11:33","slug":"policy-gramm-leach-bliley-act","status":"publish","type":"page","link":"https:\/\/wp.stolaf.edu\/business-office\/policy-gramm-leach-bliley-act\/","title":{"rendered":"Policy, Gramm-Leach-Bliley Act"},"content":{"rendered":"<div data-modular-content-collection><p><strong>Title:<\/strong> St. Olaf College Gramm-Leach-Bliley Act Policy<br \/>\n<strong>Effective Date:<\/strong> 4-01-2011<br \/>\n<strong>Issuing Authority:<\/strong>\u00a0Office of the Vice President &amp; Chief Financial Officer<br \/>\n<strong>Program Coordinator:<\/strong>\u00a0 Nate Engle<br \/>\n<strong>Last Updated:<\/strong> 4-01-2011<\/p>\n<h3>Purpose of Policy<\/h3>\n<p>This Policy is intended to comply with the Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA), enacted by United States Congress in 1999.\u00a0 Financial institutions, including anyone who offers financial products that are considered to be covered accounts, such as loans, are required to comply with the Gramm-Leach-Bliley Act.\u00a0 The Gramm-Leach-Bliley Act requires that Financial Institutions have a policy in place to protect consumer information from forseeable threats in security and data integrity.<\/p>\n<h3>Policy<\/h3>\n<p>St. Olaf College will provide safeguards to protect information and data in compliance with the Gramm-Leach-Bliley Act, related to the privacy and protection of personal information.<\/p>\n<h3>Procedures<\/h3>\n<p>There are three major components of the Gramm-Leach-Bliley Act including a Financial Privacy Rule, Safeguards Rule, and Pretexting Protection.<\/p>\n<h4>Financial Privacy Rule<\/h4>\n<p>The Financial Privacy Rule requires financial institutions to provide each consumer with a privacy notice at the time the consumer relationship is established and annually thereafter.\u00a0 This privacy notice must explain the information collected about the consumer, where that information is shared, how that information is used, and how that information is protected. \u00a0The notice must also identify the consumer\u2019s right to opt-out of the information being shared with unaffiliated parties.\u00a0 It is not the practice of St. Olaf College to share information with unaffiliated parties.<\/p>\n<p>The FTC has ruled in 16 C.F.R.\u00a0 Section 313.1(b) that any institution of higher education that complies with the Family Educational Rights and Privacy Act (FERPA) satisfies the privacy requirement of the GLBA.\u00a0 In instances such as deferred gift agreements, where St. Olaf College acts as a financial institution outside of the student financial records subject to FERPA, St. Olaf College privacy notices will be sent out annually.<\/p>\n<h4>Safeguards Rule<\/h4>\n<p>The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the Company is prepared for and protects consumers\u2019 nonpublic personal information.\u00a0 The College has a <strong><a href=\"https:\/\/wp.stolaf.edu\/it\/data-classification\/\" target=\"_blank\" rel=\"noopener\">Data Classification Policy<\/a><\/strong> that accomplishes the requirements of this rule and designates program coordinators to oversee the compliance of various types of protected personal information.<\/p>\n<h4>Pretexting Protection<\/h4>\n<p>The Gramm-Leach-Bliley Act requires the financial institution take adequate measures to protect from pretexting, which occurs when someone tries to gain access to personal nonpublic information without the proper authority to do so.\u00a0 The College has a <strong><a title=\"Fair and Accurate Credit Transaction Act Policy\" href=\"https:\/\/wp.stolaf.edu\/finance\/red-flag-rules\/\">Fair &amp; Accurate Credit Transaction Act Policy<\/a>, also known as Red Flag Rules, which<\/strong> accomplishes the requirements of this rule.\u00a0 It includes an annual risk assessment of the security and privacy risks of the covered accounts, at which time any adjustments to security processes are made.\u00a0 The annual assessment also includes the review of procedures for employees who have access to covered data and information.<\/p>\n<p><!-- begin-migrated-from-panel-builder --><!-- end-migrated-from-panel-builder --><\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Title: St. Olaf College Gramm-Leach-Bliley Act Policy Effective Date: 4-01-2011 Issuing Authority:\u00a0Office of the Vice President &amp; Chief Financial Officer Program Coordinator:\u00a0 Nate Engle Last Updated: 4-01-2011 Purpose of Policy [&hellip;]<\/p>\n","protected":false},"author":3439,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-305","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/pages\/305","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/users\/3439"}],"replies":[{"embeddable":true,"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/comments?post=305"}],"version-history":[{"count":3,"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/pages\/305\/revisions"}],"predecessor-version":[{"id":845,"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/pages\/305\/revisions\/845"}],"wp:attachment":[{"href":"https:\/\/wp.stolaf.edu\/business-office\/wp-json\/wp\/v2\/media?parent=305"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}