Page 7 - Campus Technology, March/April 2018
P. 7
DATA SECURITY
April 30 – May 4, 2018 Hyatt Regency Austin
Austin,TX
ED’s informal approach to notification means that some institutions likely do not know that ED’s reporting expectations have changed and, more importantly, institutions will continue to be confused in 2018.
institutions about the new obligations at Federal Student Aid conferences and via webinars (such as the Nov. 14, 2017 webinar available here.) Attendees are taking the mandate back to their campuses, but the change is being met with resistance from administrators and practitioners — in large part, because the new expectations contradict ED’s previous written guidance in documents like the Data Breach Response Checklist published by ED’s Privacy Technical Assistance Center in 2012 (which was still available on the PTAC’s website as of the date that this article was written). ED’s informal approach to notification means that some institutions likely do not know that ED’s reporting expectations have changed and, more importantly, institutions will continue to be confused in 2018.
ED now asserts that institutions must report any “suspected” data breach on the day it is detected. ED has stated that the legal authority for the new reporting expectations is found in an institution’s Federal Student Aid Program Participation Agreement (PPA) and its Student Aid Internet Gateway (SAIG) Agreement. Although institutions certify that they comply with the Gramm-Leach-Bliley Act (GLBA) in their PPAs, and the SAIG Agreements require institutions to report a security incident that involves a compromise of “Electronic Services” that are utilized to administer Federal Student Aid, neither agreement (nor GLBA) states that an institution must report any “suspected” breach on the day it is detected. The current PPAs and SAIG Agreements do not appear to provide
VSLive! 1999
vslive.com/austin
7
CAMPUS TECHNOLOGY | March/April 2018
SILVER SPONSOR SUPPORTED BY
PRODUCED BY
magazine
We’re Gonna
Code Like It’s 2018!
VSLive! 2017
1993 - 2018
INTENSE TRAINING FOR DEVELOPERS, ENGINEERS, PROGRAMMERS, ARCHITECTS AND MORE!
Development Topics Include:
> Visual Studio / .NET
> JavaScript / Angular
> Xamarin
> Software Practices
> Database and Analytics
> ASP.NET / Web Server > ALM / DevOps
> Azure/Cloud
> UWP
> Hands-On Labs
Register to code with us today!
Register Now and Save $200!
Use promo code AUONE