Abstract
The American Council on Education (ACE) submitted a letter to the Office of Federal Student Aid (FSA) of the U.S. Department of Education (ED) on February 23, 2018, regarding FSA’s 2017-18 breach notification/information security reporting compliance actions against colleges and universities. The letter expresses ACE’s support for comments previously submitted to FSA on this issue by EDUCAUSE (https://library.educause.edu/resources/2018/2/educause-comments-fsa-breach-notification-information-security-reporting-requirements). Furthermore, it includes a request that FSA suspend the deadlines for institutional reporting on current compliance actions until a review of its policy based on EDUCAUSE’s comments has been completed. It also asks FSA to work with its designated institutional contacts to validate alleged security incidents and their relevance to federal student financial aid data prior to initiating formal compliance actions moving forward.