Institutions of higher education and third-party servicers are entrusted with student financial information and personally identifiable information used in the administration of Title IV Federal student financial aid programs. Failure to adequately protect Title IV information can result in suspension or termination from participating in Title IV programs, fines, compliance audit findings, and reputational damage, not to mention an increased vulnerability to cyber attacks such as ransomware. The Department of Education considers data security one of the agency’s top priorities.
This session will present an overview of the Department’s recently announced Campus Cybersecurity Program framework. Topics include: NIST SP 800-171, the Gramm-Leach-Bliley Act, the SAIG Agreement, FSA enforcement, and breach reporting. Cybersecurity best practices will also be discussed. This session is designed for school administrators and staff charged with administering Title IV programs.