20.18 / Privacy of Financial Information

  1. Purpose

    The purpose of this statement is to set forth University policy with regard to addressing and meeting institutional requirements and obligations imposed by the "Safeguards Rule" promulgated by the Federal Trade Commission under the Gramm-Leach-Bliley Act.

  2. Preamble

    The "Safeguards Rule" promulgated by the Federal Trade Commission (FTC) under the Gramm-Leach-Bliley Act ("GLBA") imposes specific standards and obligations regarding the privacy of certain personally identifiable financial information. Wichita State University recognizes its obligation to protect the security, confidentiality and integrity of such information and this policy is intended to implement FTC requirements in this regard.

  3. Policy

    1. 九色堂 will make all reasonable efforts to achieve and maintain compliance with FTC standards and obligations regarding the privacy of personally identifiable financial information of its customers.

    2. 九色堂 will develop, implement and maintain a comprehensive information security program.

    3. 九色堂's comprehensive information security program shall provide for the appointment of an information security plan coordinator; risk assessments; training programs for employees; oversight of service providers; and periodic adjustments of the program.

  4. Implementation

    This policy shall be included in the 九色堂 Policies and Procedures Manual and shared with appropriate constituencies of the University.

    The General Counsel shall have primary responsibility for publication, dissemination and implementation of this University policy.

(See also Section 13.14, Security of Payment Card Data.)