• ED Issues Final State Authorization Regulations

    (January 20, 2017 – Jennifer Ortega) The U.S. Department of Education issued its final rules regulating state authorization for postsecondary distance education programs. After some concerns were voiced by the higher education community, the Department provided clarification on the impact of the regulations on state authorization reciprocity agreements.

  • NIST Releases Update to Cybersecurity Framework

    (January 20, 2017 – Jennifer Ortega) The National Institute of Standards and Technology released an update to its Cyberseucirty Framework for Improving Critical Infrastructure and encouraged the public to provide input on the changes. The living document is being updated to improve guidance on supply chain risks, clarify key terms, and introduce measurement methods for cybersecurity.

  • Think Congress for Higher Ed and IT Policy in 2017

    (December 12, 2016 – Jarret Cummings) The 2016 elections produced a major change in presidential administrations, but relative continuity in Congress, at least in relation to higher education and IT policy. Thus, reviewing proposals in those areas from the current Congress provides important clues on the potential shape of higher education and IT policymaking in 2017.

  • EDUCAUSE Joins Amicus Brief in DMCA Appeals Case

    (November 17, 2016 – Jarret Cummings) EDUCAUSE worked with several other higher education and library associations to file a brief in the BMG v Cox appeals case, which concerns the “repeat infringer” policy requirement for claiming the DMCA safe harbor. Without taking sides in the case, the groups participating in the brief asked the appeals court to avoid issuing a sweeping ruling that would impose new requirements for claiming the safe harbor or undermine its protections.

  • EDUCAUSE and NACUBO Call for Continued Safeguards Rule Flexibility

    (November 18, 2016 – Jarret Cummings) EDUCAUSE and NACUBO submitted a joint response to Federal Trade Commission (FTC) questions about possible updates to the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule. The associations asked the FTC to avoid introducing new, rigid requirements into the Rule; instead, they recommended that the Commission enhance the guidance and resources it provides to covered organizations, with the goal of facilitating greater information security as well as regulatory compliance.

  • ED Delays Distance Ed "State Authorization" Rules

    (November 17, 2016 – Jennifer Ortega) By failing to issue final distance education state authorization regulations by November 1st, the U.S. Department of Education missed a deadline for the rules to take effect by July 2017. That likely leaves the fate of the rules in the next administration’s hands.

  • New York Joins SARA

    (October 14, 2016 – Jennifer Ortega) The New York State Board of Regents unanimously approved regulations permitting New York’s institutions of higher education to participate in the State Authorization Reciprocity Agreement, opening its borders to distance education programs and students from over 40 other SARA states.

  • NARA Final Rule

    (October 14, 2016 – Jennifer Ortega) The National Archives and Records Administration has issued its final rule creating a single definition of Controlled Unclassified Information for all federal agencies, effectively replacing the patchwork of controls that various agencies had independently developed and utilized. The final rule incorporates by reference NIST SP 800-171. It only applies directly to federal agencies, but it mandates that agencies incorporate CUI requirements into their contracts and agreements, including those with colleges and universities.

  • EDUCAUSE Comments: ADA Web Regulations Supplemental Advance Notice

    (October 11, 2016 – Jarret Cummings) EDUCAUSE joined with several higher education leadership associations to submit a response to U.S. Department of Justice regulatory proposals on web accessibility. The comments express support for WCAG 2.0 AA as the potential regulatory standard and a comprehensive institutional planning requirement to facilitate compliance. They also request that DOJ recognize the unique research functions institutional web presences must support and therefore focus compliance requirements on sites and content over which institutions exercise direct, centralized control.