The Gramm Leach Bliley Act
The Gramm-Leach-Bliley Act (GLB or Act) requires “financial institutions” (which includes colleges and universities) to protect the privacy of their customers, including customers’ nonpublic, personal information or “covered data”. Covered data includes information obtained from students, students' parents, faculty, staff, or other third parties in the course of offering a financial product or service, or such information provided to the University from another institution. Examples of customer financial information relating to such products or services are addresses, phone numbers, bank and credit card account numbers, income and credit histories and social security numbers. Covered data may consist of both paper and electronic records that are handled by the University or its affiliates.
Wesleyan University has a responsibility to secure the personal records of its students and employees and other individuals considered customers under the Act. To ensure this protection, GLB mandates that all institutions establish appropriate administrative, technical and physical safeguards. The Act requires covered institutions to develop, implement and maintain a comprehensive information security program containing the administrative, technical and physical safeguards that are appropriate based upon the University’s size, complexity and the nature of its activities.
Working with the Office of Legal Counsel, Steve Machuga is the lead Gramm-Leach-Bliley Coordinator for the University. He may be reached at firstname.lastname@example.org or telephone # 860.685.2138.