Compliance

Red Flag Rule-was created by the Federal Trade Commission (FTC), along with other government agencies such as the National Credit Union Administration (NCUA), to help prevent identity theft.

University of Alaska System (State Wide) Policy

Federal Requirement

Family Educational Rights and Privacy Act (FERPA)- The Family Educational Rights and Privacy Act (FERPA) deals  with the privacy of education students records that are 1) directly related to a student and 2) maintained by an institution or a party acting on behalf of the institution. UA strives to protect student records as per FERPA guidelines.  All faculty and staff who have access to student records are required to complete an annual FERPA training.

University of Alaska System (State Wide) Policy

Alaska State Requirement

Federal Requirement

Payment Card Industry (PCI)- The Payment Card Industry (PCI) standard is designed to safeguard sensitive data for all card brands.

University of Alaska (State Wide) Policy

Alaska State Requirement

Industry Requirement

UA PCI Advisory Team

Gramm–Leach–Bliley Act (GLB) AKA the Financial Services Modernization Act of 1999-The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLB Act), includes privacy provisions to protect consumer information held by financial institutions. In 2003, the Federal Trade Commission (FTC) confirmed that higher education institutions are considered financial institutions under this federal law.

Educational Requirement

Federal Requirement

GLB Law

Financial Aid Code of Conduct

Health Insurance Portability and Accountability Act (HIPAA)- The HIPAA  addresses the security and privacy of health data.

University of Alaska (State Wide) Policy

Alaska State Requirement

Federal Requirement

HIPAA Law

Privacy Act of 1974-The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register.

Federal Requirement

Privacy Act of 1974

Alaska Personal Information Protection Act- The law provides several protections for personal information, a notice requirement when a breach of security concerning personal information has occurred; the ability to place a security freeze on a consumer credit report; various restrictions on the use of personal information and credit information; the disposal of records containing personal information; allowing a victim of identity theft to petition the court for a determination of factual innocence; and truncation of credit card information.

Alaska State Requirement

Alaska Personal Information Protection Act