Oracle's guidance regarding GLBA Requirements
Recently the Department of Education published an announcement regarding Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements that went into effect June 9, 2023. In response we wanted to remind our customers of Oracle’s guidance regarding GLBA support for our customers.
You have represented to Oracle that You may be subject to the Gramm-Leach-Bliley Act, 15 U.S.C. sections 6801 et seq. and its regulations (“GLBA”). To the extent that You require Oracle to access Nonpublic Personal Information, Customer Information or Consumer Information as defined by GLBA (collectively, “NPI”) in order to perform the services, Oracle will treat NPI as confidential information as defined in the Nondisclosure section of the Agreement. You agree to use reasonable efforts to limit Oracle’s access to NPI as necessary to perform the services. Oracle will implement reasonable administrative, physical and technical measures designed to: (1) ensure the security and