Security Awareness Program: Title IV Data

LETU maintains a security awareness program for Title IV data led by the Senior Director of Student Financial services that includes:
  • Annual documented training of all personnel handling Title IV data
  • Annual review of this program
  • Implementation of the Data Loss Prevention (DLP) systems

Training for personnel shall include at a minimum:

  • Understanding of Student Aid Internet Gateway (SAIG) agreement response to a suspected or known breach (How do I report a Breach)
  • How to ensure that all users are aware of and comply with all of the requirements to protect and secure data from Departmental sources using SAIG
    • The Student Aid Internet Gateway (SAIG) Agreement requires that as a condition of continued participation in the federal student aid programs Title IV schools report suspected/actual data breaches
    • Title IV schools must report on the day of detection when a data breach is even suspected
    • The Department has the authority to fine institutions that do not comply with the requirement to self-report data breaches; up to $54,789 per violation per 34 C.F.R. ยง 36.2
    • The Department has reminded all institutions of this requirement through Dear Colleague Letters (GEN 15-18, GEN 16-12), electronic announcements, and the annual FSA Handbook.  
  • Understanding of PII and the LETU Data Classification Policy (Policy 6.2)
  • Acceptable Use of Technology Systems at LETU (Policy 6.1)
  • Documentation of agreement to all of the above
Print Article


Article ID: 123645
Tue 1/5/21 8:22 AM
Mon 6/12/23 2:47 PM

Related Articles (1)

LeTourneau University Information Security Program: Controls, Safeguards and Compliance
(incl compliance elements for Title IV/GLBA Safeguards: Department of Education Requirements)