Proposal to tighten data security rule meets resistance from higher ed groups – Education Dive
- A proposal to tighten data security rules — out for comment through August 2 — could make compliance more restrictive for colleges.
- The Federal Trade Commission (FTC) is proposing expansive changes to the Safeguards Rule, which is part of its duties under the Gramm-Leach-Bliley Act (GLBA) and requires funds-disbursing institutions to secure financial information such as names and Social Security numbers.
- The GLBA already requires colleges to protect this data, but the regulations could compel them to take specific, codified steps to do so.
Since 2016, when the FTC first brought up changes to the Safeguards Rule, higher ed stakeholders have urged the commission to ensure the flexibility and autonomy colleges currently enjoy under the rule aren’t replaced with an all-encompassing IT diktat. Those stakeholders include the National Association of College and University Business Officers (NACUBO), the American Council on Education and Educause, a higher ed information technology association.