GLBA Case History

A private research university needed to create its GLBA program. This is to ensure compliance to protect confidentiality and security of “nonpublic personal information”(NPI).


Call Us Today

SCENARIO: Title IV schools are financial institutions per Gramm-Leach-Bliley Act (GLBA, 2002). Per FSA PPA & SAIG agreements, these schools must have GLBA safeguards in place. Otherwise they may be found administratively incapable (unable to properly administer Title IV fund).

A private research university needed to create its GLBA program. This is to ensure compliance to protect confidentiality and security of “nonpublic personal information”(NPI).

  • Tile IV School: An institution that processes U.S federal student aid

  • NPI: any “personally identifiable financial information” that a financial institution collects about an individual in connection with providing a financial product or service, unless that information is otherwise “publicly available”

WCG's STRATEGY: Wilson Consulting Group (WCG) was contracted to develop a GLBA compliance program that would assist the university in implementing correct policies, processes, standards, techniques and technologies to securely collect, handle and transmit NPI.

WCG developed and implemented a tailored GLBA compliance program. This program consisted of:
  • Compliance Program plan
  • Data maps of all processes that transmit, process, and store PII
  • Policies, processes, and standards
  • Awareness, training, and education plan
  • Service providers agreement and process evaluation

WCG RESULTS: A comprehensive GLBA program was created by WCG and validated by the university management. The new program ensured compliance with GLBA and, thereby, improved its security posture.


Get Started Now
Other Track Records Services You May be Interested In:

WCG developed a budget to support the system improvements and implementation.

WCG exceeded all of the ministry’s requirements for improving the security of its IT system.

WCG can help your company meet these security challenges and regulatory hurdles.

WCG provided deliverables on time, on budget, and to the HIPAA specifications, thus enabling the agency to achieve the required HIPAA security compliance posture

WCG effectively assisted government agenciesand businesses in Sub-Saharan Africa to overcome their technological challenges and achieve their goals.

WCG successfully prepared certification, procedures and approvals for the complex multi-tiered records management applications within the agency’s environment.

WCG helped the organization rectify all risks based on the findings of the vulnerability assessment and gap analysis.

WCG Reviewed, updated, and developed information security guidelines.

As GDPR was fast approaching, the company needed to see if their processes were aligned with regulations.

A private research university needed to create its GLBA program.

Cyber-attacks damage an institution’s reputation, disrupt the operation of a business, and cost time and money to remediate the impact of an attack.
Blog : Industry Perspectives