Educause Security Discussion mailing list archives
Safeguards Rule additional requirements proposal tomorrow
From: Jarret Cummings <jcummings () EDUCAUSE EDU>
Date: Wed, 3 Apr 2019 19:07:44 +0000
Last Friday, I posted to the EDUCAUSE Review Policy Spotlight about a raft of new requirements that the Federal Trade Commission (FTC) is proposing to add to its Safeguards Rule - that is, a raft of new information security provisions that most colleges and universities would have to follow (https://er.educause.edu/blogs/2019/3/ftc-announces-proposed-changes-to-the-safeguards-rule). The 60-day comment period for the FTC's notice of proposed rule-making on this hasn't yet started, since the notice isn't official until it's published in the Federal Register. That changes tomorrow, April 4th, however, given the Federal Register announcement that it will publish the notice then (https://www.federalregister.gov/documents/2019/04/04/2019-04981/standards-for-safeguarding-customer-information). That will put the deadline for comments in the first week of June. EDUCAUSE plans to work with members to submit comments on behalf of the community. In the meantime, though, I urge you to review the proposed requirements and consider their implications for your institution's information security and IT operations in case the FTC sticks with its proposed six-month deadline for compliance from the date the final regulations are published. It's possible that could happen later this year, which would make the compliance deadline sometime in spring or summer of 2020. - Jarret Cummings _______________________________________________ Jarret S. Cummings Senior Advisor, Policy and Government Relations EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5372 | educause.edu<http://www.educause.edu/>
Current thread:
- Safeguards Rule additional requirements proposal tomorrow Jarret Cummings (Apr 03)