View Rule
View EO 12866 Meetings | Printer-Friendly Version Download RIN Data in XML |
ED/FSA | RIN: 1845-AA25 | Publication ID: Fall 2023 |
Title: ●Cybersecurity Standards for Institutions of Higher Education to Comply With EO 13556 and NIST 800-171 | |
Abstract:
The Department relies on schools participating in the federal student financial assistance programs and other grant programs under the Higher Education Act (HEA) to help carry out a wide range of business functions. Schools routinely process, store, and transmit Controlled Unclassified Information (CUI), which includes personally identifiable information (PII), sensitive personally identifiable information (SPII), and information. The protection of sensitive data while residing in school information systems is of paramount importance to the Department. To assure schools properly protect CUI, as required by Executive Order 13556, and the regulations at 32 CFR part 2002 which require non-Federal entities handling CUI to implement NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (NIST 800-171), the Department plans to propose to regulate on information security requirements. |
|
Agency: Department of Education(ED) | Priority: Other Significant |
RIN Status: First time published in the Unified Agenda | Agenda Stage of Rulemaking: Proposed Rule Stage |
Major: Undetermined | Unfunded Mandates: Undetermined |
CFR Citation: None (To search for a specific CFR, visit the Code of Federal Regulations.) | |
Legal Authority: 20 U.S.C. 1090 15 U.S.C. 6801 et seq. E.O. 13556 |
Legal Deadline:
None |
||||||
Timetable:
|
Regulatory Flexibility Analysis Required: Undetermined | Government Levels Affected: Undetermined |
Federalism: Undetermined | |
Included in the Regulatory Plan: No | |
RIN Data Printed in the FR: No | |
Agency Contact: David Musser Department of Education Office of Federal Student Aid 1990 K Street NW, Washington, DC 20006 Phone:202 377-3900 Email: david.musser@ed.gov |