Security breaches have become an everyday problem. Some security experts say "it is not if you will be breached, but when...." In 2012 over 1451 breaches were reported. In 2011 over 22 million records containing personal information were compromised. Ten percent of those were from higher education institutions. To mitigate these breaches, federal and state laws have been passed which require action by institutions of Higher Education.
To meet those requirements, Roane State is required to provide annual training for the following:
- Gramm-Leach-Bliley Act (GLBA)
- Payment Card Industry Data Security Standards (PCI-DSS)
- Fair and Accurate Credit Transactions of 2003 (FACT Act) referred to as the "Red Flag Rules"
Additionally, a module that covers general data security is provided:
Roane State Community College, along with Walters State and Volunteer State has developed the following online Data Security E-Course:
- Data Security Overview Module - This is a general overview of data security that should be completed by all Roane State Employees, Faculty, Staff, Adjunct and Temporary.
- Gramm-Leach-Bliley Act Module - This module covers specific requirements regarding the privacy of customer financial information and should be completed by employees in the following areas: Admissions, Athletics, Business Office, Financial Aid, Foundation, Human Resources, IT, Payroll, Purchasing, Site Directors/Staff, and Workforce Development (Continuing Education).
- Identity Theft Prevention or Red Flag Rules Module - This module is to ensure that Roane State establishes an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the Program. This module should be completed by all Roane State Business Office employees who process covered accounts.
- PCI-DSS Compliance Module - This module covers the Payment Card Industry Data Security Standards or PCI-DSS which is the college acceptance of credit card data both electronically and paper. This module should be completed by Roane State employees in the following area: Business Office, Financial Aid, Foundation, Purchasing, Site Directors/Staff and Workforce Development (Continuing Education).
Each module, except the Data Security Overview, has a quiz at the end that must be completed successfully. Upon successful completion, you will be asked to email your name to verify completion and print a certificate of completion. This online training is located at http://redflagrules.roanestate.edu/.
Training for Red Flag Rules, Gramm-Leach-Bliley and PCI-DSS is mandatory for employees in the areas identified above.