10.5 MGA Legal and Regulatory Compliance Policy

MGA POLICY NUMBER: Records: 10.5

MGA POLICY NAME: Legal and Regulatory Compliance 

Added: 12/19/2019
Revised: 12/19/2019
Last Reviewed: 12/16/2019
Effective: 01/19/2020

POLICY: Middle Georgia State University (MGA) shall abide by all applicable federal and state laws and Board of Regents (BOR) of the University System of Georgia (USG) policies pertaining to Legal and Regulatory Compliance.

This policy establishes a comprehensive legal compliance framework to ensure that the University's operations are conducted in accordance with relevant legal obligations, and to encourage proactive, accountable management.

CONTEXT: This policy applies to all University employees, and records (regardless of location or format) made or received in the transaction of University business.

The University Counsel, or designee, in consultation with MGA’s Data Governance Structure of Data Stewards and Data Trustees is authorized to draft procedures and guidelines for compliance with this Policy.


  • Short Title: “Legal Compliance”
  • Original Draft Date: 11/25/19
  • Previous Version: N/A
  • Oversight: University Counsel

Additional Resources:

  • USG Business Procedures Manual 12
  • Georgia’s Open Records Act OCGA § 50-18-70
  • Family Education Rights and Privacy Act (FERPA)
  • U.S. Department of Health and Human Services Health Information Probability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA)
  • General Data Protection Regulation (GDPR)

Associated MGA Policies and Procedures: