Date: Fri, 29 Mar 2024 08:13:04 +0000 (UTC) Message-ID: <260921606.7669.1711699984897@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_7668_149577788.1711699984895" ------=_Part_7668_149577788.1711699984895 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
This page provides a brief list of the most common federal data prot= ection laws. For a more comprehensive list of key federal laws and regulati= ons governing colleges and universities, please visit the Higher = Education Compliance Alliance website to view the HECA Com= pliance Matrix.
The following federal laws apply to how higher education in= stitutions and non-governmental agencies collect and use data.
The Health Insurance Portability and Accountability Act of 1= 996 (HIPAA): Requires covered entities (typically medical and heal= th insurance providers and their associates) to protect the security and pr= ivacy of health records. This law is often implicated in conversations abou= t student data when institutions have a campus medical center and student m= edical records are integrated with student educational records (which are p= rotected under FERPA).
See the U.S. Department of Health and Human Services HIPAA website for more information.
The Gramm Leach Bliley Ac= t (GLBA): Applies to financial institutions and contains privacy a= nd information security provisions that are designed to protect consumer fi= nancial data. This law also applies to how institutions collect, store, and= use financial records (e.g., records regarding student tuition payments an= d/or financial aid) containing personally identifiable information.<= /p>
See the U.S. Federal Trade Commission GLBA website for more informati= on.
The Fair and Accurate Cre= dit Transaction Act of 2003 (FACTA or =E2=80=9CRed Flags Rule=E2=80=9D): Requires entities engaged in certain kinds of consumer financial tra= nsactions to be aware of the warning signs of identity theft and to take st= eps to respond to suspected incidents of identity theft. Like GLBA, this la= w applies to how institutions collect, store, and use student financial rec= ords.
See the U.S. Federal Trade Commission Red Flags Rule website for more informa= tion.
The following laws apply to
Questions or comments? Contact us.
Except= where otherwise noted, this work is licensed under a Creative Commons Attr= ibution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).