About GLBA Compliance
The Financial Modernization Act of 1999, also known as the "Gramm-Leach-Bliley Act" (GLBA) includes provisions to protect consumers' personal financial information held by financial institutions. Higher education institutions are subject to the provision of the GBLA statute related to the administrative, technical, and physical safeguarding of customer information.
Who Should Know This Information
Resources
Any employee, faculty, or staff responsible for protecting or managing consumers’ personal financial information or who have access to consumers’ personal financial information.
Awareness and Training
All University employees that interact with the covered consumer data during their daily activities are required to complete the GLBA Compliance training course. Managers and supervisors are responsible for determining which positions are applicable. GLBA Awareness and Compliance Training is available in REBELearn. Training is mandatory and should be completed within 30 days of individuals serving in applicable roles and, thereafter, on an annual basis. Supervisors can request that employees be enrolled in the REBELearn training by emailing qafc@unlv.edu.
Responsibilities
UNLV has designated a cross-functional GLBA Oversight Team which is responsible for:
- Overseeing annual GLBA training
- Conducting annual GLBA risk assessments in coordination with Nevada System of Higher Education (NSHE)
UNLV has adopted an information security program to assure compliance with GLBA provisions for safeguarding customer information. Key initiatives of the program include:
- A designated employee to coordinate an information security program.
- Identifying risks to the security of customer information (including a risk management of computer information systems).
- Contractually requiring service providers to implement and maintain safeguards.
- Units that collect or utilize customer financial information are represented by executive leaders on the GLBA Oversight Team. Examples include units that:
- Administer financial aid
- Process credit card information
- Each university unit has a functional lead appointed to the GLBA oversight team to manage safeguards and practices for their unit.
- University units periodically:
- Assess their current customer information practices
- Identify vulnerabilities
- Take appropriate measures to secure customer information
This committee meets regularly to discuss current and emerging issues related to GLBA compliance, as well as develop strategies that will ensure the necessary controls are implemented, maintained, and monitored.
Members
- Kivanc Oner, Information Technology
- John Dudley, Information Technology
- Kate Korgan, Ph.D., Academic Affairs
- Barb Roberts, Academic Affairs
- Zack Goodwin, Financial Aid
- Lori Church, Controller's Office
- Joe Sunbury, Business Affairs
- Alexandra Nikolich, Business Affairs