Rice University

• Different departments are responsible for different aspects of compliance. The Rice University Compliance Matrix is a helpful resource in this regard.
• For more information on Title IX Requirements (SaVE - Sexual Violence Elimination Act) visit http://safe.rice.edu/ContactUs/
• Specific questions about compliance can be directed to the Rice Compliance Office.

Texas Law

• Texas Personal Information Data Privacy Notification and Encryption Law: Business and Commerce Code Chapter 521

Federal Law

• FTC Red Flags Rule - The Rice University Identity Theft Prevention Program was developed using the guidance provided by the Federal Trade Commission (FTC) “Red Flags Rule,” found in 16 C.F.R. 681.
• Family Educational Rights and Privacy Act (FERPA) – Student records are covered by the requirements of this act. Specifics about FERPA at Rice can be found here.
• Health Insurance Portability and Accountability Act (HIPAA) – Describes protections for health information.
• Gramm Leach Bliley Act (GLBA) – Requires financial institutions to protect nonpublic personal information.

International Law

• EU General Data Protection Regulation provides protection of personal data from the European Union. Rice guidance on compliance can be found here, and information from the EU can be found here.

Industry Regulation

• Payment Credit Industry Data Security Standards (PCI DSS) – Personal credit card information is covered by these data security standards and apply to anyone who is a merchant or handles credit card and debit card transactions. Information about taking credit cards at Rice can be found here.

Data Security is everyone’s responsibility.