GLBA Safeguards Rule Quick Reference

Tags Policy

Examples of Financial Products/Services and Customer Information

The GLBA Safeguards Rule (16 CFR 314) (“the Rule”) requires the university to develop, implement, and monitor processes aimed at ensuring the security of certain nonpublic personal information obtained when the university offers or delivers (or offers or delivers on behalf of an affiliate) a customer a financial service or product. The Rule also includes any list, description, or grouping of customers created using information that is not publicly available. The Rule applies to any college/administrative unit responsible for obtaining, controlling, or maintaining such information.

Most departments will not possess or maintain information subject to the Rule; however, it is important to be mindful of examples of activities and information that may subject a department to the Rule so appropriate steps may be taken to ensure the security and confidentiality of such information. The following is provided to illustrate examples of financial services and products and customer information involved that may be covered by the Rule.

Examples of Financial Services or Products that May Be Covered by the Rule

  • Opening and/or maintaining a credit or investment account or product for students, faculty, staff, or other university customers.
  • Extending credit to students, faculty, staff, or other university customers (e.g., Subsidized, Unsubsidized, and Perkins Loans). This does not include deferred payments, short-term payment plans, and accepting credit card payments.
  • Servicing long-term payment plans (as described above) to students, faculty, staff, or other university customers.
  • Entering into a lease agreement with an individual for personal property on a nonoperating basis (e.g., property that will not be operated by the university or an approved agent).
  • Selling monetary instruments, such as traveler’s checks and money orders, to students, faculty, staff, or other university customers on a continuing basis.
  • Providing financial, investment, or economic advisory services (e.g., tax preparation assistance) to students, faculty, staff, or other university customers for a fee.
  • Providing career counseling services to students, faculty, staff, or other university customers who are seeking employment with a financial institution or a financial-related department of any company (or while employed by such a company or in such a department).
  • Providing real estate settlement services to students, faculty, staff, or other university customers.

 Examples of Customer Information that May Be Obtained during Activities Covered by the Rule

  • Account balances
  • Account numbers
  • Debit/credit card numbers
  • Income and payment history
  • Credit score or rating
  • Social Security number
  • Internet Service Provider (ISP) address
  • Name, address, and other information provided on a loan application