Security Awareness Program: Title IV Data

Body

  • Annual documented training of all personnel handling Title IV data
  • Annual review of this program
  • Review and sign off by the LeTourneau Information Technology department in consultation with the functional area and in compliance with LETU Policy 6.6 Technology Purchases and Support for any software or system which handles PII / Title IV data and for the administration and maintenance plan for that system including incorporation of LETU's MFA, DLP and other Information Security Safeguards and measures.
  • Implementation of Data Loss Prevention (DLP) systems

Training for personnel shall include at a minimum:

  • Understanding of Student Aid Internet Gateway (SAIG) agreement response to a suspected or known breach (How do I report a Breach)
  • How to ensure that all users are aware of and comply with all of the requirements to protect and secure data from Departmental sources using SAIG
    • The Student Aid Internet Gateway (SAIG) Agreement requires that as a condition of continued participation in the federal student aid programs Title IV schools report suspected/actual data breaches
    • Title IV schools must report on the day of detection when a data breach is even suspected
    • The Department has the authority to fine institutions that do not comply with the requirement to self-report data breaches; up to $54,789 per violation per 34 C.F.R. § 36.2
    • The Department has reminded all institutions of this requirement through Dear Colleague Letters (GEN 15-18, GEN 16-12), electronic announcements, and the annual FSA Handbook.  
  • Understanding of PII and the LETU Data Classification Policy (Policy 6.2)
  • Acceptable Use of Technology Systems at LETU (Policy 6.1)
  • Documentation of agreement to all of the above

Details

Details

Article ID: 123645
Created
Tue 1/5/21 9:22 AM
Modified
Wed 7/3/24 10:12 AM

Related Articles

Related Articles (1)

LeTourneau University Information Security Program: Controls, Safeguards and Compliance
(incl compliance elements for Title IV/GLBA Safeguards: Department of Education Requirements)