Federal
Privacy Act Impacts NMU
Northern
stopped using social security numbers last year and implemented
a system of identification numbers to protect students’ personal
information. But a federal act requires that more measures be taken
to ensure privacy.
For
example, Dave Maki (AdIT) said academic departments
and campus offices should not store personal information on current
or former students on departmental servers, personal computers,
or even in hard-copy form unless they are in compliance with all
policies and safeguarded to protect the data.
The
Financial Modernization Act of 1999, also known as the Gramm-Leach-Bililey
(GLB) Act, ensures the protection of consumers’ personal financial
information held by financial institutions. NMU and other universities
fall under this act because they lend funds to consumers through
financial aid.
“There
are two main parts of the GLB Act that affect Northern: the Privacy
Rule and the Safeguards Rule,” said Maki. “Since NMU is compliant
with the Family Education Rights and Privacy Act, it is therefore
compliant with the GLB Privacy Rule. The Safeguards Rule requires
administrative, technical and physical safeguarding of customer
information; NMU has policies and procedures in place to safeguard
personal information. We have also stopped using social security
numbers, and we are working to ensure that we are compliant with
the new Visa/Mastercard regulations concerning the security of credit
card information.”
Compliance
with the GLB Act must be university-wide, and Maki said NMU is monitoring
its progress. Besides social security numbers and credit card information,
students’ names, addresses, phone numbers, birth dates, driver’s
license numbers and mother’s maiden names also qualify as personal
information that needs to be protected.
|