The Family Education Rights and Privacy Act (FERPA) requires Penn to protect student records from unauthorized disclosure, while also limiting access to staff with a legitimate “need to know”.
Similarly, the Gramm-Leach-Bliley Act (GLBA) protects the privacy of data related to financial aid.
Personally Identifiable Information (PII) is any combination of data that can identify an individual person. PII ranges in sensitivity, from Social Security Numbers, credit card information, birthdates, phone numbers, PennKey name, and HR records.
This Tip Sheet provides useful resources to help you comply with privacy regulations and secure university data assets.