skip to main content

S. 1401 (110th): Student Financial Aid Data Privacy Protection Act

The text of the bill below is as of May 15, 2007 (Introduced).


II

110th CONGRESS

1st Session

S. 1401

IN THE SENATE OF THE UNITED STATES

May 15, 2007

(for himself, Mr. Alexander, Mr. Allard, Mr. Burr, Mr. Isakson, Mr. Roberts, and Ms. Murkowski) introduced the following bill; which was read twice and referred to the Committee on Health, Education, Labor, and Pensions

A BILL

To improve the National Student Loan Data System.

1.

Short title

This Act may be cited as the Student Financial Aid Data Privacy Protection Act.

2.

National Student Loan Data System

Section 485B of the Higher Education Act of 1965 (20 U.S.C. 1092b) is amended—

(1)

by redesignating subsections (d) through (g) as subsections (e) through (h), respectively;

(2)

by inserting after subsection (c) the following:

(d)

Principles for administering the data system

In managing the National Student Loan Data System, the Secretary shall take actions necessary to maintain confidence in the data system, including, at a minimum—

(1)

ensuring that the primary purpose of access to the data system by guaranty agencies, eligible lenders, and eligible institutions of higher education is for legitimate program operations, such as the need to verify the eligibility of a student, potential student, or parent for loans under part B, D, or E;

(2)

prohibiting nongovernmental researchers and policy analysts from accessing personally identifiable information;

(3)

creating a disclosure form for students and potential students that is distributed when such students complete the common financial reporting form under section 483, and as a part of the exit counseling process under section 485(b), that—

(A)

informs the students that any title IV grant or loan the students receive will be included in the National Student Loan Data System, and instructs the students on how to access that information;

(B)

describes the categories of individuals or entities that may access the data relating to such grant or loan through the data system, and for what purposes access is allowed;

(C)

defines and explains the categories of information included in the data system;

(D)

provides a summary of the provisions of the Federal Educational Rights and Privacy Act of 1974 and other applicable Federal privacy statutes, and a statement of the students' rights and responsibilities with respect to such statutes;

(E)

explains the measures taken by the Department to safeguard the students' data; and

(F)

includes other information as determined appropriate by the Secretary;

(4)

requiring guaranty agencies, eligible lenders, and eligible institutions of higher education that enter into an agreement with a potential student, student, or parent of such student regarding a loan under part B, D, or E, to inform the student or parent that such loan shall be—

(A)

submitted to the data system; and

(B)

accessible to guaranty agencies, eligible lenders, and eligible institutions of higher education determined by the Secretary to be authorized users of the data system;

(5)

regularly reviewing the data system to—

(A)

delete inactive users from the data system;

(B)

ensure that the data in the data system are not being used for marketing purposes; and

(C)

monitor the use of the data system by guaranty agencies and eligible lenders to determine whether an agency or lender is accessing the records of students in which the agency or lender has no existing financial interest; and

(6)

developing standardized protocols for limiting access to the data system that include—

(A)

collecting data on the usage of the data system to monitor whether access has been or is being used contrary to the purposes of the data system;

(B)

defining the steps necessary for determining whether, and how, to deny or restrict access to the data system; and

(C)

determining the steps necessary to reopen access to the data system following a denial or restriction of access.

; and

(3)

by striking subsection (e) (as redesignated by paragraph (1)) and inserting the following:

(e)

Reports to Congress

(1)

Annual report

Not later than September 30 of each fiscal year, the Secretary shall prepare and submit to the appropriate committees of Congress a report describing—

(A)

the results obtained by the establishment and operation of the National Student Loan Data System authorized by this section;

(B)

the effectiveness of existing privacy safeguards in protecting student and parent information in the data system;

(C)

the success of any new authorization protocols in more effectively preventing abuse of the data system;

(D)

the ability of the Secretary to monitor how the system is being used, relative to the intended purposes of the data system; and

(E)

any protocols developed under subsection (d)(6) during the preceding fiscal year.

(2)

Study

(A)

In general

The Secretary shall conduct a study regarding—

(i)

available mechanisms for providing students and parents with the ability to opt in or opt out of allowing eligible lenders to access their records in the National Student Loan Data System; and

(ii)

appropriate protocols for limiting access to the data system, based on the risk assessment required under subchapter III of chapter 35 of title 44, United States Code.

(B)

Submission of study

Not later than 3 years after the date of enactment of the Student Financial Aid Data Privacy Protection Act, the Secretary shall prepare and submit a report on the findings of the study to the appropriate committees of Congress.

.