21.5.1 Regulatory Compliance

---

Closely managing data content is necessary to ensure compliance with federal, state, and local regulations as well as grants and contract specifications. Each Clayton State division is responsible for clearly understanding and managing data to ensure confidential data is appropriately classified and safeguarded. Clayton State University will comply with Data Governance policies and procedures by ensuring that appropriate organizational personnel has a working knowledge of:

• Georgia’s Open Records Act OCGA § 50-18-70
  • Clayton State University Open Records
• Family Education Rights and Privacy Act (FERPA)
  • Clayton State University FERPA Records Access Policy
  • FERPA Confidentiality of Education Records
  • FERPA Release of Information
• U.S. Department of Health and Human Services Health Information Probability and Accountability Act (HIPAA)
  • USG HIPAA Policy and Procedures for Compliance
    • Comparing FERPA & HIPAA Fact Sheet
• Gramm-Leach-Bliley Act (GLBA)
  • GLBA Definitions
  • GLBA Safeguard Rule
  • GLBA Compliance
  • GLBA Information Security Program
• General Data Protection Regulation (GDPR)
  • EU General Data Protection Regulation Compliance Policy
  • Clayton State University GDPR Lawful Basis for Collecting Data (PDF)–(Word)
  • Clayton State University Consent for Collection for Sensitive Personal Data Form
  • Clayton State University Data Steward Questionnaire (PDF)–(Word)
• Specific research data requirements
  • Clayton State Institutional Review Board
• Other applicable regulations