10.5 MGA Legal and Regulatory Compliance Policy

MGA POLICY NUMBER: Records: 10.5

MGA POLICY NAME: Legal and Regulatory Compliance

POLICY: Middle Georgia State University (MGA) shall abide by all applicable federal and state laws and Board of Regents (BOR) of the University System of Georgia (USG) policies pertaining to Legal and Regulatory Compliance.

This policy establishes a comprehensive legal compliance framework to ensure that the University's operations are conducted in accordance with relevant legal obligations, and to encourage proactive, accountable management.

CONTEXT: This policy applies to all University employees, and records (regardless of location or format) made or received in the transaction of University business.

The University Counsel, or designee, in consultation with MGA’s Data Governance Structure of Data Stewards and Data Trustees is authorized to draft procedures and guidelines for compliance with this Policy.

ADMINSTRATIVE AND ADDITIONAL RESOURCES:

  • Short Title: “Legal Compliance”
  • Original Draft Date: 11/25/19
  • Previous Version: N/A
  • Oversight: University Counsel

Additional Resources:

  • USG Business Procedures Manual 12
  • Georgia’s Open Records Act OCGA § 50-18-70
  • Family Education Rights and Privacy Act (FERPA)
  • U.S. Department of Health and Human Services Health Information Probability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA)
  • General Data Protection Regulation (GDPR)

Associated MGA Policies and Procedures:

  • MGA Records Management Policy
  • MGA Open Records Procedures
  • MGA FERPA Policy
  • MGA GLBA Procedures
  • MGA GDPR Procedures
  • MGA Privacy Standard