/ / Trends in Higher Ed
lock data security

Safeguarding Students’ Information Now Requires Stricter Oversight

The Federal Trade Commission (FTC) issued a final rule on December 9, 2021, amending the customer information safeguard requirements under the federal Gramm-Leach-Bliley Act (GLBA), also known as the “Safeguards Rule.” Since 1999, the GLBA has set the standards for maintaining customer data for financial institutions, including colleges and universities that participate in the Title IV federal student aid programs.

While the revised Safeguards Rule took effect on January 10, 2022, schools will have until December 2022 to implement most of the required changes in the rule.  Some of the notable mandates include:

  • Concentrating program oversight under a single qualified individual rather than shared by a team or group of employees. While this oversight likely will be centered under an institution’s information technology department, look for the school’s chief information security officer (CISO) or chief information officer (CIO) to be the responsible party.
  • Ensuring that information security programs are based on a written risk assessment that looks at “foreseeable internal and external risks to the security, confidentiality, and integrity” of any consumer (student) information held by the institution. Written documentation is now a mandatory requirement under the Rule.
  • Designing information security programs to control assessed risks that include eight specific types of safeguards:
  • Monitoring and testing of internal controls and procedures regularly to protect against actual and attempted hacks of information systems.
  • Overseeing and assessing service providers when contracting for outside services. This will include actual periodic assessments of vendor systems by the institution.
  • Reporting annually to the institution’s board about its information security program and compliance with the updated Safeguards Rule.

Because higher education institutions are frequent targets of hackers and victims of data breaches, a strong and well-understood infrastructure and program to maintain and protect student information is critical. These programs require institution-wide accountability. It is vital that all employees be aware of changes and take responsibility to protect personal data.

 

 

Handling Student Payments More Efficiently

by David Glezerman

Getting students to pay their tuition on time is challenging in normal times. During the COVID-19 pandemic, new barriers have arisen to receiving and processing these payments—and many other types of payments–quickly and efficiently. Despite efforts to work remotely to avoid spread of the virus, business officer staff still must come to campus to process and deposit checks. This can be stressful for students who want to make sure their payments were received on time. If your school uses a payment vendor or bank to receive and process its transactions, many students and families prefer to use traditional payment methods. It is important to promote the security and easeof-use provided with online payments.

Changing the culture of institutional payers is complex and requires clear and concise communications with both internal and external customers. How an institution describes options and communicates its preferences and expectations will set the tone for success or failure.

Maintaining quality customer service and enhancing cash flow is crucial to educational institutions, particularly during troubled times. Colleges and universities should be looking at existing processes to identify opportunities for improvements and efficiencies. To help your institution find solutions to enhance customer service, streamline cumbersome processes, and improve cash flow, please see our recent industry paper on Cashiering: Migrating from Cash and Checks to Digital Payments.

Want to improve your digital payment adoption rate?

Consider these steps:

  • Examine current payment patterns to find opportunities
  • Investigate business relationships with banks and payment vendors and if there are best practice solutions that your institution is not utilizing
  • Review your customer communications to assure that messaging is clear, concise, and accurate
FAS Stacked Logo

180 Interstate North Parkway
Suite 550, Atlanta, GA 30339

info@financialaidservices.org
770.988.9447

Contact Us

Privacy Statement

Why FAS?

Overview

Mission + Values

Our Team

Services

Consulting + Training

Interim Staffing

Outsourced Processing

News + Events

Press Releases

Events

Resources

Innovation from the CEO

Consultant Insights

Research + Resources

Join our Team
©2023 Financial Aid Services. All Rights Reserved.