Ohio Administrative Code
Title 3358:14 - Northwest State Community College
Chapter 3358:14-13 - Information Technlology
Section 3358:14-13-02 - Standards for safeguarding customer information

Universal Citation: OH Admin Code 3358:14-13-02

Current through all regulations passed and filed through March 18, 2024

In order to protect personal critical information and data, Northwest state community college will comply with the Financial Services Modernization Act of 1999 (also known as Gramm Leach Bliley (GLB) 15 U.S.C. 6801).

(A) This policy summarizes Northwest state community college's comprehensive written information security program mandated by the federal trade commission's safeguards rule and the Gramm Leach Bliley Act ("GLBA"). The policy and following procedure define how Northwest state community college will:

(1) Ensure the security and confidentiality of nonpublic financial records.

(2) Protect against any anticipated threats or hazards to the security of such records.

(3) Protect against the unauthorized access or use of such records or information in ways that could result in substantial harm or inconvenience to customers.

(B) This information security program incorporates existing Northwest state community college policies and procedures and is in addition to any institutional policies and procedures that may be required pursuant to other federal and state laws and regulations, including without limitation FERPA.

(C) This policy applies to all student, employee, and financial data collected by the college, especially data that contains personal identifying information (PII) and is individually identifiable.

(D) While these practices mostly affect I.T., some of them will impact diverse areas of the college, including but not limited to business office, custom training solutions (CTS), grants office, learner services, the office of the registrar, and many third-party contractors, facilities and building service providers. The goal of this document is to define the college's information security program, to provide an outline to assure ongoing compliance with federal regulations related to the program and to position the college for likely future privacy and security regulations.

(E) In order to comply with GLBA, NSCC has designated an information security policy coordinator. This individual must work closely with the business office, the state of Ohio attorney general, the network/systems administrators, data systems, as well as all relevant academic and administrative departments throughout the college. The coordinator is the chief financial officer or designee. The coordinator must help the relevant offices of the college identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information; evaluate the effectiveness of the current safeguards for controlling these risks; design and implement a safeguards program, and regularly monitor and test the program.

Disclaimer: These regulations may not be the most recent version. Ohio may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.