BP 6-20 – Personally Identifiable Information Security Program

State Board for Community Colleges and Occupational Education


BP 6-20

APPROVED: May 9, 2018
EFFECTIVE: May 9, 2018
REVISED: February 8, 2023
RETITLED: February 8, 2023
RENUMBERED: February 8, 2023

REFERENCE(S): The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 C.F.R. Part 99); The Gramm-Leach-Bliley Act (GLB) (15 U.S.C. §§ 6801–6809,16 C.F.R. Part 314); The Health Insurance Portability and Accountability Act (HIPAA) (42 U.S.C. § 1320d-1320d-8; 45 C.F.R. Parts 160,162 and 164); Protection of Personal Identifying Information Act (C.R.S. § 24-73-101-103); Fair and Accurate Credit Transaction Act of 2003 (FACTA) Red Flags Rule (15 U.S.C. § 1681m(e))

APPROVED:

/ S.R. Heath, Jr. /
The Honorable S.R. Heath, Jr., Chair

POLICY STATEMENT

The State Board for Community Colleges and Occupational Education (SBCCOE or Board) is committed to complying with federal and state laws regarding security of personally identifying information maintained by the Colorado Community College System (CCCS or System).

SCOPE

This policy applies to the Colorado Community College System, including its Colleges (CCCS or System).

PROCEDURE

The Chancellor shall promulgate such procedures as may be needed to implement this policy.