Safeguards and Evaluation Overview

Designing and Implementing Safeguards. A risk assessment and analysis applies to all methods of handling or disposing of nonpublic financial information, whether in electronic, paper or other form. The Coordinator of IT Services has implemented safeguards to control the risks identified through such assessments and to regularly test or otherwise monitor the effectiveness of such safeguards. Such testing and monitoring may be accomplished through existing monitoring and problem escalation procedures.

Overseeing Service Providers. The Coordinator of IT Services works with those responsible for third party service procurement activities among all departments of the College to raise awareness of, and to institute methods for, selecting and retaining only those service providers that are capable of maintaining appropriate safeguards for nonpublic financial information of students and other third parties to which they will have access.

The Coordinator of IT Services is responsible for evaluating and adjusting the Program based on the risk identification and assessment activities undertaken pursuant to the Program, as well as any material changes to the Institution’s operations or other circumstances that may have a material impact on the Program. Processes in relevant offices of the College such as data access procedures and the training program should undergo regular review. The program itself, as well related policies are reevaluated annually in order to assure ongoing compliance with existing and future laws and regulations.

Platt College has several formal policies and procedures that address information security of the data covered by the GLB Act as well as consequences for failing to maintain the confidentiality of certain information, including: