Home
LITS

Gramm-Leach-Bliley Act (GLBA)

Overview:

The Gramm-Leach-Bliley Act (GLBA) is designed to ensure the security and confidentiality of customer information maintained by financial institutions. Trinity College meets the definition of financial institution because it participates in the Department of Education’s student financial assistance program.

Key Terms:

  • Customers – any person who is provided financial services by the college
  • Customer Information – any record containing non-public personal information about a customer, whether in paper, electronic, or other form, that is handled or maintained by or on behalf of the college or its affiliates
  • Non-Public Information (NPI) – any financial information given by a consumer to a financial institution for the purpose of obtaining a financial product
  • Financial Institution – Institutions that are significantly engaged in financial activities. Financial activities include those entities that participate in the Department of Education’s student financial assistance program
  • Financial Product or Service – student loans, employee loans, activities related to extending credit, financial and investment advisory activities, management consulting and counseling activities, community development activities, and other miscellaneous financial services

Regulation Requirements:

The College must ensure that all federal student aid applicant information is protected from access by or disclosure to unauthorized personnel.

The security of financial aid information includes the following three mandated procedures:

  1. Institutions must designate an individual to coordinate the information security program
  2. Institutions must perform a risk assessment that addresses three required areas: a) employee training and management; b) information systems, including network and software design, as well as information processing, storage, transmission, and disposal; and c) detecting, preventing, and responding to attacks, intrusions, or other systems failures
  3. Institutions must document a safeguard for each risk identified during risk assessments

Additional information on Trinity College’s GLBA practices will be available in the Trinity College GLBA Information Security Program, which is scheduled for release by June 2025.