The Gramm-Leach-Bliley Act (GLBA) of 1999 is a federal law that applies to financial institutions, or companies that do business like a financial institution, such as making loans. Since some business processes at UTD may fall under the definition of a “financial institution,” UT Dallas is required to follow the compliance statutes of GLBA.
The compliance sections of GLBA refer to both the privacy rules regarding protecting consumer information and safeguard rules, which dictate that information security programs and security controls be developed to protect financial data. Since the University already complies with FERPA, the Federal Trade Commission has ruled that the privacy rule does not apply, and only the safeguard rule applies.
Failure to comply with GLBA may result in sanctions, fines and/or imprisonment of officials. Any department that provides financial services like a financial institution is subject to GLBA.
For more information, visit the FTC’s GLBA page.